Data security and privacy

Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.

Top Stories

Feature 19 Dec 2024
10 cybersecurity predictions for 2025

AI will still be a hot topic in 2025, but don't miss out on other trends, including initial access broker growth, the rise of vCISOs, tech rationalization and more. Continue Reading
By
- Kyle Johnson, Technology Editor
Answer 19 Dec 2024
How bad is generative AI data leakage and how can you stop it?

Mismanaged training data, weak models, prompt injection attacks can all lead to data leakage in GenAI, with serious costs for companies. The good news? Risks can be mitigated. Continue Reading
By
- Chris Tozzi

Answer 12 Aug 2024
10 must-have contact center skills for agents in 2024

Contact center agents must have a wide range of interpersonal and technological skills to interact with customers and resolve their issues in a timely and empathetic manner. Continue Reading
By
- Scott Sachs, SJS Solutions
Tip 09 Aug 2024
10 best practices for contact center quality assurance

To ensure quality and results in the contact center, businesses must define clear metrics, use real-time analytics, seek customer feedback, upskill agents and automate everywhere. Continue Reading
By
- Kathleen Richards
Report 09 Aug 2024
15 essential contact center features

Today's multifunctional contact centers must cut through the product hype and incorporate software features that meet customer demands for fast, seamless and personalized service. Continue Reading
By
- Chris Tozzi
News 08 Aug 2024
Wiz researchers hacked into leading AI infrastructure providers

During Black Hat USA 2024, Wiz researchers discussed how they were able to infiltrate leading AI service providers and access confidential data and models across the platforms. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Aug 2024
Researchers unveil AWS vulnerabilities, 'shadow resource' vector

During a Black Hat USA 2024 session, Aqua Security researchers demonstrated how they discovered six cloud vulnerabilities in AWS services and a new attack vector. Continue Reading
By
- Rob Wright, Senior News Director
Guest Post 02 Aug 2024
How to prepare for a secure post-quantum future

Quantum computing is expected to arrive within the next decade and break current cryptographic algorithms. SANS' Andy Smith explains how to start securing your company now. Continue Reading
By
- Andy Smith, SANS Institute instructor
Feature 31 Jul 2024
7 contact center trends for 2024 and beyond

As contact centers trend toward becoming viable profit centers, AI's influence is at the core of conversational analytics, omnichannel communications and a mobile-first strategy. Continue Reading
By
- Ed Scannell, Freelancer
Tip 31 Jul 2024
Contact center compliance checklist for modern workforces

A contact center compliance checklist can serve as a starting point for contact center managers as they seek to comply with internal and external requirements. Continue Reading
By
- Scott Sachs, SJS Solutions
Tip 30 Jul 2024
Google isn't killing third-party cookies: What now?

The end of third-party cookies was on the horizon for years. For marketers, this termination meant finding new strategies and alternatives to third-party data. Continue Reading
By
- Christine Campbell, The Alpha Content Company
Answer 30 Jul 2024
Benefits and challenges of electronic signatures

Electronic signatures are quick, secure and can support hybrid and distributed workforces, but not everyone trusts or has access to e-signature technology. Continue Reading
By
- Laurence Hart, CGI Federal
Feature 29 Jul 2024
How the Change Healthcare attack may affect cyber insurance

UnitedHealth's Change Healthcare attack continued to show the devastating aftermath of supply chain attacks. Experts say it could change contingent language for future policies. Continue Reading
By
- Arielle Waldman, News Writer
Definition 29 Jul 2024
What is SSH (Secure Shell) and How Does It Work?

SSH (Secure Shell or Secure Socket Shell) is a network protocol that gives users -- particularly systems administrators -- a secure way to access a computer over an unsecured network. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Peter Loshin, Former Senior Technology Editor
- Michael Cobb
Tip 26 Jul 2024
How to improve the contact center experience for customers

Customers want their contact center interactions to be fast, seamless, tailored and personal in the form of mobile apps, self-service, improved IVR and knowledgeable human agents. Continue Reading
By
- Kathleen Richards
News 26 Jul 2024
Researcher says deleted GitHub data can be accessed 'forever'

Truffle Security researcher Joe Leon warned GitHub users that deleted repository data is never actually deleted, which creates an "enormous attack vector" for threat actors. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Jul 2024
BitLocker workaround may offer aid for CrowdStrike customers

CrowdStrike customers grappling with blue screens of death from the recent IT outage may be able to sidestep BitLocker encryption schemes and recover their Windows systems. Continue Reading
By
- Rob Wright, Senior News Director
Tip 24 Jul 2024
What is ERP security and why is it critical?

An ERP system is vulnerable whether it's on premises or in the cloud, and supply chain attacks continue to increase. Learn why it's important to secure your company's ERP software. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Tip 23 Jul 2024
Microsoft Copilot Copyright Commitment explained

The copyright laws around generative AI-created content are still somewhat unclear, so organizations should look to Microsoft's copyright protections for guidance. Continue Reading
By
- Marius Sandbu, Sopra Steria
Definition 23 Jul 2024
What is the Cybersecurity Information Sharing Act (CISA)?

The Cybersecurity Information Sharing Act (CISA) allows United States government agencies and non-government entities to share information with each other as they investigate cyberattacks. Continue Reading
By
- Katie Terrell Hanna
Definition 23 Jul 2024
What is the Driver's Privacy Protection Act (DPPA)?

The Driver's Privacy Protection Act (DPPA) is a United States federal law designed to protect the personally identifiable information of licensed drivers from improper use or disclosure. Continue Reading
By
- Katie Terrell Hanna
- Corinne Bernstein
Tip 19 Jul 2024
8 contact center challenges in 2024 and how to overcome them

Multifunctional contact centers must meet the expectations of savvy customers, hire and maintain qualified agents, monetize data, safeguard information and modernize operations. Continue Reading
By
- Jerald Murphy, Nemertes Research
Definition 18 Jul 2024
What is data privacy?

Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, retention, immutability and security of sensitive data. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Stephen J. Bigelow, Senior Technology Editor
Definition 18 Jul 2024
What is employee monitoring?

Employee monitoring is when businesses monitor employees to improve productivity and protect corporate resources. Continue Reading
By
- Katie Terrell Hanna
News 17 Jul 2024
NullBulge threat actor targets software supply chain, AI tech

SentinelOne published new research detailing NullBulge, an emerging ransomware actor that recently claimed to have stolen data from Disney's internal Slack channels. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 17 Jul 2024
The CDK Global outage: Explaining how it happened

CDK Global was hit with a ransomware attack affecting thousands of U.S. auto dealerships. Keep reading to learn more about this attack and how it affected the industry. Continue Reading
By
- Sean Michael Kerner
Podcast 16 Jul 2024
Risk & Repeat: AT&T's Snowflake database breached

AT&T disclosed a breach in which threat actors compromised the company's Snowflake instance and stole call and text records from 'nearly all' the company's cellular customers. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 12 Jul 2024
Why does data privacy matter in marketing?

Marketers frequently use customer data for their strategies. They must properly secure that information, so they comply with privacy laws and customers trust the business. Continue Reading
By
- Griffin LaFleur, Swing Education
News 12 Jul 2024
AT&T breach affects 'nearly all' customers' call, text records

Fallout from the attacks on Snowflake customers continues as AT&T is the latest victim organization to disclose a data breach stemming from a compromised cloud instance. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 09 Jul 2024
Risk & Repeat: Hacks, lies and LockBit

Months after an international law enforcement effort disrupted the notorious ransomware-as-a-service operation, LockBit falsely claimed that it breached the U.S. Federal Reserve. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 09 Jul 2024
Top 10 customer data privacy best practices

To ensure customer data remains secure and inaccessible to bad actors, organizations should implement best practices such as frequent data audits and employee trainings. Continue Reading
By
- Sandra Mathis, Microsoft
Tip 09 Jul 2024
Use these 6 user authentication types to secure networks

One layer of security that all networks and applications need is authentication. Read up on six authentication types, from 2FA to biometrics to certificates. Continue Reading
By
- Kyle Johnson, Technology Editor
News 08 Jul 2024
Ransomware hits CDK Global, public sector targets in June

The prevalent threat continued to cause disruptions last month as city halls were forced to close and auto dealerships faced downstream effects after an attack against CDK Global. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Jul 2024
What is a cyber attack? How they work and how to stop them

A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Mary K. Pratt
Video 03 Jul 2024
The importance of compliance officers

Compliance officers ensure a company follows both its internal rules as well as external laws from the government. Continue Reading
By
- Sabrina Polin, Managing Editor
Feature 02 Jul 2024
8 benefits of a modern contact center

Contact centers and their multifunctional capabilities can provide businesses with a competitive edge through improved agent performance, customer engagement and brand loyalty. Continue Reading
By
- Stephen J. Bigelow, Senior Technology Editor
News 01 Jul 2024
Critical OpenSSH vulnerability could affect millions of servers

Exploitation against CVE-2024-6387, which Qualys nicknamed 'regreSSHion,' could let attackers bypass security measures and gain root access to vulnerable servers. Continue Reading
By
- Arielle Waldman, News Writer
Feature 01 Jul 2024
A timeline and history of blockchain technology

Riding the back of volatile cryptocurrencies, blockchain's trek has been raucous since 2009, but the technology's roots are much deeper and applications much richer than Bitcoin. Continue Reading
By
- Ron Karjian, Industry Editor
- Robert Sheldon
Tip 25 Jun 2024
EDR vs. antivirus: What's the difference?

Endpoint detection and response and antivirus tools both protect enterprise networks, and both have distinct advantages. Which is better for your organization? Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 21 Jun 2024
personally identifiable information (PII)

Personally identifiable information (PII) is any data that could potentially identify a specific individual. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Corinne Bernstein
Podcast 18 Jun 2024
Risk & Repeat: Microsoft under fire again over Recall

Microsoft made changes to its AI-driven Recall feature, but that didn't stop Congress from grilling company president Brad Smith during a House committee hearing. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 18 Jun 2024
EPAM denies link to Snowflake customer attacks

EPAM, a Belarusian software company, said an investigation found no evidence that it was connected to recent attacks against Snowflake customer databases. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Jun 2024
Veeam executives discuss data protection trends, future IPO

Data protection trends include securing backups and planning for ransomware recovery. Veeam executives discuss these keys, plus why the 'data resilience company' can go public. Continue Reading
By
- Paul Crocetti, Executive Editor
News 14 Jun 2024
Security pros grade Apple Intelligence data privacy measures

Apple has built a Private Cloud Compute server to process and then delete data sent from Apple Intelligence running on an iPhone, iPad or Mac. Apple says it won't store any data. Continue Reading
By
- Antone Gonsalves, News Director
News 13 Jun 2024
Microsoft's Recall changes might be too little, too late

Criticism of Microsoft's Recall feature continues even after the software giant announced several updates to address concerns from the infosec community. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Jun 2024
AWS touts security culture, AI protections at re:Inforce 2024

AWS executives highlighted the company's longstanding security, which evoked comparisons to its chief cloud rival Microsoft and the recent Cyber Safety Review Board report. Continue Reading
By
- Rob Wright, Senior News Director
Definition 12 Jun 2024
privacy impact assessment (PIA)

A privacy impact assessment (PIA) is a method for identifying and assessing privacy risks throughout the development lifecycle of a program or system. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Paul Kirvan
- Ben Cole, Executive Editor
Answer 12 Jun 2024
Zero trust vs. defense in depth: What are the differences?

Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 11 Jun 2024
digital profiling

Digital profiling is the process of gathering and analyzing information about an individual that exists online. Continue Reading
By
- Katie Terrell Hanna
News 06 Jun 2024
Ransomware ravaged schools and cities in May

The public sector took the brunt of ransomware in May, while another damaging attack against a healthcare company disrupted patient access to pharmacy services. Continue Reading
By
- Arielle Waldman, News Writer
Definition 06 Jun 2024
data splitting

Data splitting is when data is divided into two or more subsets. Typically, with a two-part split, one part is used to evaluate or test the data and the other for training the model. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Podcast 05 Jun 2024
Risk & Repeat: Sorting out Snowflake's security mess

This podcast episode discusses the recent attacks against Snowflake customers and a controversial report that claimed the cloud storage and analytics giant had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 05 Jun 2024
Veeam backup and security updates include cloud vault, copilot

Veeam products and services in the spotlight at the VeeamON 2024 user conference included secure backups in the cloud, a generative AI assistant and a new offering with Lenovo. Continue Reading
By
- Paul Crocetti, Executive Editor
Answer 05 Jun 2024
Reporting ransomware attacks: Steps to take

The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. This expert advice outlines the process. Continue Reading
By
- Kyle Johnson, Technology Editor
News 03 Jun 2024
Mandiant: Ransomware investigations up 20% in 2023

The cybersecurity company observed a sharp rise in activity on data leak sites in 2023 as well as an increase in ransomware actors using legitimate commercial tools during attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 03 Jun 2024
Snowflake: No evidence of platform breach

Snowflake on Saturday issued a joint statement with third-party investigators Mandiant and CrowdStrike denying reports that its platform had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 31 May 2024
Threat actor compromising Snowflake database customers

A threat actor tracked as UNC5537 is using stolen credentials against Snowflake database customers to conduct data theft and extortion attacks, cloud security firm Mitiga said. Continue Reading
By
- Alexander Culafi, Senior News Writer
Opinion 30 May 2024
Dell Technologies World was all about AI; what about security?

At Dell Technologies World 2024, Dell made it crystal clear that it is all-in on AI, but the company must also emphasize the importance of cybersecurity. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 29 May 2024
Why healthcare data is often the target of ransomware attacks

The healthcare industry relies heavily on IT systems. Sensitive patient data is valuable to hackers, leading to ransomware attacks that disrupt operations and endanger lives. Continue Reading
By
- Sean Michael Kerner
News 23 May 2024
CISA executive director discusses CIRCIA, incident reporting

CISA Executive Director Brandon Wales speaks with TechTarget Editorial to discuss CIRCIA and the importance of incident reporting to the larger cybersecurity ecosystem. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 May 2024
CyberArk to acquire Venafi from Thoma Bravo for $1.5B

CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1. Continue Reading
By
- Arielle Waldman, News Writer
Definition 17 May 2024
hashing

Hashing is the process of transforming any given key or a string of characters into another value. Continue Reading
By
- Kinza Yasar, Technical Writer
- Andrew Zola
Tip 17 May 2024
SharePoint vs. Box: What's the difference?

SharePoint and Box both help users manage and store content. Yet, to choose the right tool, organizations should first consider their integration and security requirements. Continue Reading
By
- Christine Campbell, The Alpha Content Company
Tip 17 May 2024
An overview of storage encryption for enterprises

The constantly increasing data volumes and locations -- plus the number of security threats -- should push enterprise storage strategies to include strong encryption. Continue Reading
By
- Julia Borgini, Spacebarpress Media
News 16 May 2024
What LockBitSupp charges mean for ransomware investigations

At RSA Conference 2024, Recorded Future's Allan Liska discussed evolving ransomware trends and how authorities recently exposed the LockBit ransomware group ringleader. Continue Reading
By
- Arielle Waldman, News Writer
Feature 15 May 2024
Lessons learned from high-profile data breaches

Equifax. Colonial Pipeline. Sony. Target. All are high-profile data breaches, and all offer key lessons to learn that prevent your organization from falling victim to an attack. Continue Reading
By
- Sharon Shea, Executive Editor
Podcast 15 May 2024
Risk & Repeat: Recapping RSA Conference 2024

Artificial intelligence was center stage at RSA Conference 2024, but the show also focused on secure-by-design principles, the ransomware landscape and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 15 May 2024
Common Vulnerability Scoring System (CVSS)

The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems. Continue Reading
By
- Kinza Yasar, Technical Writer
- Alexander S. Gillis, Technical Writer and Editor
- Madelyn Bacon, TechTarget
Tip 14 May 2024
RSAC panel debates confidence in post-quantum cryptography

The Cryptographers' Panel at RSAC offered opinions on their confidence in PQC following the release of a paper questioning lattice-based encryption's viability. Continue Reading
By
- Kyle Johnson, Technology Editor
News 09 May 2024
Dell 'security incident' might affect millions

Dell notified customers that a company portal connected to customer data exposed orders, names and addresses, while reports indicate the data is now up for sale on the dark web. Continue Reading
By
- Tim McCarthy, News Writer
News 08 May 2024
National Security Agency warns against paying ransoms

Rob Joyce and David Luber, former and current directors of cybersecurity at the NSA, discuss how the ransomware attack on Change Healthcare exemplified the cons of paying ransoms. Continue Reading
By
- Arielle Waldman, News Writer
Definition 08 May 2024
Digital Personal Data Protection Act, 2023

India's Digital Personal Data Protection Act, 2023 (DPDPA) is a comprehensive privacy and data protection law that recognizes the right of individuals, referred to as "data principals," to protect their personal data during the processing of that data for lawful purposes. Continue Reading
By
- George Lawton
News 07 May 2024
Authorities identify, sanction LockBit ransomware ringleader

After weeks of waiting, authorities in the U.S., the U.K. and Australia publicly identified 'LockBitSupp,' the mysterious operator behind the prolific LockBit ransomware gang. Continue Reading
By
- Rob Wright, Senior News Director
News 06 May 2024
IBM study shows security for GenAI projects is an afterthought

IBM's survey of C-suite executives finds that 82% say trustworthy and secure AI are essential, but only 24% have a security component included in their GenAI projects. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 02 May 2024
What is the dark web (darknet)?

The dark web is an encrypted portion of the internet not visible to the general public via a traditional search engine such as Google. Continue Reading
By
- Rahul Awati
- Katie Terrell Hanna
Feature 02 May 2024
What is a data protection officer (DPO) and what do they do?

Today's DPO must juggle technical, legal and collaborative skills in the shadow of more sophisticated data breaches, tougher data privacy laws and generative AI deployments. Continue Reading
By
- George Lawton
News 02 May 2024
Dropbox discloses data breach involving Dropbox Sign

A threat actor accessed Dropbox Sign customer names, emails, hashed passwords, API keys, OAuth tokens, multifactor authentication information and other data. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 02 May 2024
What is Data Encryption Standard (DES)?

Data Encryption Standard (DES) is an outdated symmetric key method of data encryption. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
- Michael Cobb
Definition 02 May 2024
What is PCI DSS (Payment Card Industry Data Security Standard)?

The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. Continue Reading
By
- Nick Barney, Technology Writer
News 01 May 2024
Verizon DBIR: Vulnerability exploitation in breaches up 180%

Verizon said it examined approximately twice as many breaches for the 2024 Data Breach Investigations Report -- 10,626 out of 30,458 total tracked incidents. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 01 May 2024
Federal Information Security Modernization Act (FISMA)

): The Federal Information Security Modernization Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information technology operations from cyberthreats. Continue Reading
By
- Paul Kirvan
- Alexander S. Gillis, Technical Writer and Editor
Conference Coverage 01 May 2024
RSA Conference 2024 focuses on collaboration, resilience

Follow TechTarget Security's RSAC 2024 guide for pre-conference insights and the most pressing presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 30 Apr 2024
Understanding Microsoft 365 GCC High and other licenses

Government organizations should turn to the variety of dedicated services that Microsoft offers to deliver familiar productivity services to users with highly secured data. Continue Reading
By
- Helen Searle-Jones, Tritech Group
News 30 Apr 2024
Change Healthcare breached via Citrix portal with no MFA

UnitedHealth Group CEO Andrew Witty's opening statement for Wednesday's congressional hearing shed more light on the ransomware attack against Change Healthcare. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Apr 2024
Risk & Repeat: Change Healthcare's bad ransomware bet

This Risk & Repeat podcast discusses Change Healthcare's ransomware attack and the apparent further spread of sensitive data despite the company paying a ransom. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
News 25 Apr 2024
Cisco zero-day flaws in ASA, FTD software under attack

Cisco revealed that a nation-state threat campaign dubbed 'ArcaneDoor' exploited two zero-day vulnerabilities in its Adaptive Security Appliance and Firepower Threat Defense products. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 23 Apr 2024
U.S. cracks down on commercial spyware with visa restrictions

The move marks the latest effort by the U.S. government to curb the spread of commercial spyware, which has been used to target journalists, politicians and human rights activists. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 23 Apr 2024
Creating a patch management policy: Step-by-step guide

A comprehensive patch management policy is insurance against security vulnerabilities and bugs in networked hardware and software that can disrupt your critical business processes. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 22 Apr 2024
Mitre breached by nation-state threat actor via Ivanti flaws

An unnamed nation-state threat actor breached Mitre through two Ivanti Connect Secure zero-day vulnerabilities, CVE-2023-46805 and CVE-2024-21887, disclosed earlier this year. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 22 Apr 2024
chief privacy officer (CPO)

A chief privacy officer (CPO) is a corporate executive charged with developing and implementing policies designed to protect employee and customer data from unauthorized access. Continue Reading
By
- Katie Terrell Hanna
Tip 19 Apr 2024
7 steps to create a data loss prevention policy

Data loss prevention is an ever-changing process of proactive and reactive protection and planning. Read on to learn how to set up a successful DLP policy. Continue Reading
By
- Donald Farmer, TreeHive Strategy
News 19 Apr 2024
CISA: Akira ransomware extorted $42M from 250+ victims

The Akira ransomware gang, which utilizes sophisticated hybrid encryption techniques and multiple ransomware variants, targeted vulnerable Cisco VPNs in a campaign last year. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 18 Apr 2024
3 Keycloak authorization strategies to secure app access

Keycloak, an open source IAM tool, offers authorization methods, including RBAC, GBAC and OAuth 2.0, that limit what users can access. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Opinion 18 Apr 2024
Optimize encryption and key management in 2024

Enterprise Strategy Group research highlighted the encryption challenges enterprises face, including lack of encryption, cryptographic infrastructure inadequacies and more. Continue Reading
By
- Todd Thiemann, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 12 Apr 2024
CISA: Midnight Blizzard obtained federal agency emails

CISA ordered U.S. federal agencies to reset any credentials exposed by Midnight Blizzard's breach against Microsoft and notify CISA in the case of a known or suspected compromise. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 11 Apr 2024
7 principles of the GDPR explained

The GDPR's seven data protection principles on the lawful processing of data are directly influencing the way businesses collect, store, erase and monetize personal information. Continue Reading
By
- George Lawton
News 11 Apr 2024
CISA discloses Sisense breach, customer data compromised

CISA is investigating a breach of data analytics vendor Sisense that may have exposed customers' credentials and secrets and could impact critical infrastructure organizations. Continue Reading
By
- Arielle Waldman, News Writer
Feature 11 Apr 2024
AI and GDPR: How is AI being regulated?

Amid data privacy issues spawned by proliferating AI and generative AI applications, GDPR provisions need some updating to provide businesses with more specific AI guidelines. Continue Reading
By
- George Lawton
Opinion 10 Apr 2024
Identity, data security expectations for RSA Conference 2024

Security practitioners can expect to hear about key issues at this year's RSA Conference, including identity and data security, AI and DSPM. Continue Reading
By
- Todd Thiemann, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 10 Apr 2024
cryptanalysis

Cryptanalysis is the study of ciphertext, ciphers and cryptosystems to understand how they work and to find and improve techniques for defeating or weakening them. Continue Reading
By
- TechTarget Contributor
Answer 09 Apr 2024
How do companies protect customer data?

Companies can protect customer data through various technical tools and strategies, like authentication and encryption. But some types of data need more protection than others. Continue Reading
By
- Sandra Mathis, Microsoft
News 08 Apr 2024
Flaws in legacy D-Link NAS devices under attack

Internet scans show threat actors are targeting CVE-2024-3273 in thousands of end-of-life D-Link NAS devices, and exploitation requires no authentication. Continue Reading
By
- Arielle Waldman, News Writer