By Raj Soni (with help of ChatGPT) Introduction In the perilous realm of digital villains and increasing phishing attacks, organizations are seeking a mighty shield to protect their sensitive data. Enter encryption, the superhero of the cybersecurity world, ready to save the day! In this blog post, we will embark on an...
By Raj Soni I speak to many CISOs and cybersecurity leaders on a regular basis. The topic of data discovery and classification comes up a lot. I find many cybersecurity teams are not ready or prepared to discover their data; they are busy fighting fires dealing with phishing attacks and ransomware....
By Raj Soni There are many questions regarding how to adequately protect data in our organizations and in all its forms (structured and unstructured data). At Adaptive Systems, we focus exclusively in Data Security and we help organizations protect their data and comply with data privacy regulations. In this article we’re...
Database monitoring is a key data security control needed today in the age of relentless cyber-attacks, especially with all the data privacy regulations coming up (i.e., GDPR, CCPA etc.) the awareness to implement a data protection program is growing. If you have been monitoring database activity for a while or...
By Raj Soni Hardening your databases is the easiest thing you can do now to protect your data! It can identify exposures such as missing patches, weak passwords, unauthorized access and changes, misconfigured privileges, and other vulnerabilities. Setting up a database vulnerability program provides the following key benefits: it will (1) identify...
By Raj Soni As president & CEO of Adaptive Systems Inc, a firm exclusively focused on data privacy, security and compliance, “why should I monitor my databases?” is a question I get asked all the time. Many clients have said that their databases are in a secure zone and in a...
By Asha Abraham We’ve already covered common approaches to qualitative cyber risk analyses in the previous blog post and highlighted key differences between qualitative and quantitative assessments. Here we will look at how to actually quantify cyber risk. According to Factor Analysis of Information Risk (FAIR)1, cyber risk management is about...
By Asha Abraham Information and associated technologies are the lifeblood of a business entity today and the tangible assets that fuel our digital economy. In a digital world where technology domains converge to enable business at machine speed, cyber risk is the risk that technology, especially connected technologies introduce into your...
I’m sure you have asked yourself this question, right? Simple answer: SQL Injection. "...they probably stole the database credentials out of the [web] application…" According to the below article and many others online, the data breach occurred due to a web app vulnerability. This article explains technically what happened. http://securityaffairs.co/wordpress/62934/hacking/equifax-hack-struts.html Excerpt from the above article: “For...
What is General Data Protection Regulation (GDPR)? Who has to Comply with GDPR? Does your organization collect European Union (EU) citizen data? If yes, then you most certainly need to comply. The EU passed this privacy regulation which includes requirements for protecting personal information, make sure that it stays private and...