Data security and privacy
Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.
Top Stories
-
Conference Coverage
16 May 2025
RSAC Conference 2025
Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
-
Opinion
14 May 2025
DLP in the GenAI Era: Shadow data and DLP product churn
Recent Enterprise Strategy Group research found data loss prevention product churn combined with undiscovered data and shadow IT are changing the DLP landscape. Continue Reading
-
Podcast
13 Mar 2024
Risk & Repeat: CISA hacked via Ivanti vulnerabilities
The compromise of two internal CISA systems comes on the heels of ongoing attacks and developments related to two zero-day vulnerabilities Ivanti disclosed in January. Continue Reading
-
Definition
13 Mar 2024
What is cryptography?
Cryptography is a method of protecting information and communications using codes, so that only those for whom the information is intended can read and process it. Continue Reading
-
News
12 Mar 2024
Sophos: Remote ransomware attacks on SMBs increasing
According to new research from Sophos, small businesses are seeing a rise in threats such as remotely executed ransomware attacks, malvertising, driver abuse and more. Continue Reading
-
Definition
12 Mar 2024
asymmetric cryptography
Asymmetric cryptography, also known as public key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use. Continue Reading
-
News
11 Mar 2024
CISA confirms compromise of its Ivanti systems
CISA said that approximately one month ago, it identified 'activity indicating the exploitation of vulnerabilities in Ivanti products the agency uses.' Continue Reading
-
News
08 Mar 2024
Midnight Blizzard accessed Microsoft systems, source code
Microsoft said Midnight Blizzard used data stolen from a breach of its corporate email system to access other parts of the company's network, including source code repositories. Continue Reading
-
Podcast
07 Mar 2024
Risk & Repeat: Alphv/BlackCat's chaotic exit (scam)
This podcast episode discusses the possible exit scam of ransomware-as-a-service gang Alphv/BlackCat, as well as the chaotic months the gang had leading up to its closure. Continue Reading
-
News
05 Mar 2024
Alphv/BlackCat leak site goes down in possible exit scam
An Alphv/BlackCat affiliate accused the ransomware gang of stealing a ransom payment worth more than $20 million that may have been obtained in the Change Healthcare attack. Continue Reading
-
News
05 Mar 2024
Inside an Alphv/BlackCat ransomware attack
Sygnia researchers investigated an intrusion in a client's network and discovered an Alphv/BlackCat ransomware actor had been lurking in the environment for weeks. Continue Reading
-
Feature
04 Mar 2024
Infosec pros weigh in on proposed ransomware payment bans
Whether for or against a payment ban, security professionals are concerned regulations could negatively affect victims and result in fewer incident disclosures. Continue Reading
-
News
04 Mar 2024
LockBit, Alphv/BlackCat highlight February ransomware activity
With events surrounding the LockBit and Alphv/BlackCat gangs and the ConnectWise ScreenConnect flaws, ransomware activity continues this year after a surge in 2023. Continue Reading
-
Definition
29 Feb 2024
phishing
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication. Continue Reading
-
News
28 Feb 2024
Alphv/BlackCat attacking hospitals following FBI takedown
The ransomware attacks against hospitals and the healthcare sector come after law enforcement agencies, led by the FBI, disrupted Alphv/BlackCat's network in December. Continue Reading
-
Podcast
27 Feb 2024
Risk & Repeat: LockBit resurfaces after takedown
LockBit returns just days after an international law enforcement operation infiltrated the ransomware gang's network and seized infrastructure, source code and decryption keys. Continue Reading
-
News
27 Feb 2024
Ransomware gangs exploiting ConnectWise ScreenConnect flaws
Ransomware activity is ramping up against vulnerable ScreenConnect systems as Black Basta and Bl00dy threat actors were observed exploiting the vulnerabilities. Continue Reading
-
News
26 Feb 2024
LockBit restores servers following law enforcement takedown
Law enforcement agencies last week announced a takedown of the LockBit ransomware gang that involved the seizure of servers, websites and decryption keys, as well as two arrests. Continue Reading
-
Definition
26 Feb 2024
data broker (information broker)
A data broker, also called an information broker or information reseller, is a business that collects large amounts of personal information about consumers. Continue Reading
-
Tip
22 Feb 2024
IoMT device tips for healthcare IT departments
Healthcare providers' IT departments must keep an ever-expanding range of IoT devices powered on, connected and secure. Challenges abound, but they are surmountable. Continue Reading
-
Definition
22 Feb 2024
What is cybersecurity?
Cybersecurity is the practice of protecting internet-connected systems such as hardware, software and data from cyberthreats. Continue Reading
-
News
21 Feb 2024
Apple unveils PQ3 post-quantum encryption for iMessage
Apple said its new PQ3 protocol for iMessage is the first of its kind and addresses both future threats from quantum computing as well as "harvest now, decrypt later" attacks. Continue Reading
-
News
20 Feb 2024
Operation Cronos dismantles LockBit ransomware gang
An international law enforcement operation led by the U.K.'s National Crime Agency seizes LockBit's websites, servers, source code and decryption keys. Continue Reading
-
Definition
20 Feb 2024
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information. Continue Reading
-
News
15 Feb 2024
Ransomware disrupts utilities, infrastructure in January
Ransomware attacks last month caused outages and disruptions at public sector and critical infrastructure organizations as well as a major financial services firm. Continue Reading
-
Tip
14 Feb 2024
What is cybersecurity mesh and how can it help you?
The concept of cybersecurity mesh could help solve and simplify issues created by multi-cloud deployments and the increase in remote work environments. Continue Reading
-
News
13 Feb 2024
Iranian cyberattacks targeting U.S. and Israeli entities
Google said Tuesday that state-backed Iranian actors targeted the U.S. and Israel consistently in the years prior to the start of the Israel-Hamas war as well as the months after. Continue Reading
-
News
13 Feb 2024
Proofpoint: 'Hundreds' of Azure accounts compromised
Proofpoint researchers found that the attackers manipulated the MFA of compromised accounts, registering their own methods to maintain persistent access. Continue Reading
-
Feature
13 Feb 2024
Ransomware preparedness kicks off 2024 summit series
BrightTALK commenced the new year with ransomware readiness, giving viewers workable tips to prevent and recover from a devastating attack. Check out some highlights here. Continue Reading
-
Tip
12 Feb 2024
Top metaverse cybersecurity challenges: How to address them
As the metaverse takes shape, companies must consider a slew of new cybersecurity challenges and how to deal with them. Continue Reading
-
Definition
09 Feb 2024
mobile security (wireless security)
Mobile security, also known as wireless security, refers to the measures taken to protect smartphones, tablets, laptops, smartwatches and other portable computing devices and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Continue Reading
-
News
08 Feb 2024
NCC Group records the most ransomware victims ever in 2023
Enterprises faced an alarming number of ransomware attacks as gangs targeted supply chains and took advantage of zero-day vulnerabilities and organizations' patching struggles. Continue Reading
-
News
07 Feb 2024
Chainalysis: 2023 a 'watershed' year for ransomware
Chainalysis said ransomware payments ballooned to reach $1.1 billion in 2023, marking a complete reversal from the decline in ransomware payments seen the year prior. Continue Reading
-
Definition
07 Feb 2024
encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning. Continue Reading
-
News
06 Feb 2024
Google: Spyware vendors are driving zero-day exploitation
Google's Threat Analysis Group urged further government action against commercial surveillance vendors that let customers abuse spyware products with impunity. Continue Reading
-
News
05 Feb 2024
AnyDesk hacked, details unclear
Of the hack, AnyDesk said it found 'no evidence that any end-user devices have been affected.' But researchers said they saw AnyDesk customer credentials for sale on the dark web. Continue Reading
-
Definition
02 Feb 2024
communications security (COMSEC)
Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred. Continue Reading
-
News
01 Feb 2024
CISA deputy director touts progress, anti-ransomware efforts
In this Q&A, CISA Deputy Director Nitin Natarajan shares his thoughts on scaling up to meet high demand, the agency's new initiative to address ransomware and more. Continue Reading
-
News
30 Jan 2024
Corvus: 2023 was a 'record-breaking' ransomware year
The insurance company analyzed claims data and ransomware gangs' data leak sites, which suggests as many as 7,600 organizations across the globe were attacked in 2023. Continue Reading
-
Feature
30 Jan 2024
Security executives slam Microsoft over latest breach
Criticisms about Microsoft's breach include the lack of multifactor authentication on the targeted account and the company's approach to disclosing information about the attack. Continue Reading
-
News
29 Jan 2024
Citizen Lab details ongoing battle against spyware vendors
At the SANS Cyber Threat Intelligence Summit, Citizen Lab researcher Bill Marczak discusses spyware proliferation from commercial vendors such as NSO Group, Cytrox and Quadream. Continue Reading
-
Tip
29 Jan 2024
What is attack surface management and why is it necessary?
Attack surface management approaches security from the attacker's perspective. Learn how ASM can help better secure your organization's assets and resources. Continue Reading
-
Tip
29 Jan 2024
Cybersecurity skills gap: Why it exists and how to address it
The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
-
News
26 Jan 2024
Microsoft: Legacy account hacked by Russian APT had no MFA
Microsoft has begun notifying other organizations that have been targeted in recent attacks by Midnight Blizzard, a Russian nation-state actor also known as Cozy Bear and APT29. Continue Reading
-
Definition
26 Jan 2024
digital forensics and incident response (DFIR)
Digital forensics and incident response (DFIR) is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events. Continue Reading
-
News
25 Jan 2024
HPE breached by Russian APT behind Microsoft hack
HPE suspects that Cozy Bear, a Russian state-sponsored threat actor also known as Midnight Blizzard and Nobelium, breached its network twice in 2020. Continue Reading
-
News
24 Jan 2024
NCSC says AI will increase ransomware, cyberthreats
While other threats are likely to increase as well, the U.K.'s National Cyber Security Centre warns that threat actors will use AI to continue the influx of ransomware attacks. Continue Reading
-
Definition
24 Jan 2024
encryption key management
Encryption key management is the practice of generating, organizing, protecting, storing, backing up and distributing encryption keys. Continue Reading
-
News
23 Jan 2024
Attacks begin on critical Atlassian Confluence vulnerability
Exploitation activity for CVE-2023-22527 marks the third time in four months that a critical Atlassian Confluence flaw has gained threat actors' attention. Continue Reading
-
News
22 Jan 2024
Microsoft breached by Russian APT behind SolarWinds attack
Several email accounts belonging to Microsoft senior leadership were accessed as part of the breach, though Microsoft found 'no evidence' of customer environments being accessed. Continue Reading
-
News
18 Jan 2024
CISA posts incident response guide for water utilities
In its guide, CISA urged water and wastewater sector utility operators to harden their security posture, increase information sharing and build incident response plans. Continue Reading
-
News
18 Jan 2024
Chainalysis observes decrease in cryptocurrency crime in 2023
During 2023, Chainalysis tracked a decrease in the total value and volume of illicit cryptocurrency transactions. But it is unclear if the downward trend will continue. Continue Reading
-
News
17 Jan 2024
Google, researchers in dispute over account hijacking attacks
Google disputes aspects of threat research that CloudSEK published last month claiming threat actors are maintaining persistence after hijacking Google user accounts. Continue Reading
-
Tip
12 Jan 2024
How to recycle mobile phones in the enterprise
Mobile device disposal requires careful planning. IT teams must learn how to recycle mobile phones to keep e-waste out of landfills and enterprise data out of the wrong hands. Continue Reading
-
Tip
11 Jan 2024
How to securely recycle enterprise computers
No matter how an organization wants to retire a device when it reaches its end of life, IT must first ensure that any sensitive data on it has been properly destroyed. Continue Reading
-
News
10 Jan 2024
China claims it cracked Apple's AirDrop, can track senders
The flaw used by Chinese researchers to crack Apple's AirDrop encryption was reported to the company in 2019 by researchers at German university TU Darmstadt. Continue Reading
-
News
09 Jan 2024
Amsterdam arrest leads to Babuk Tortilla ransomware decryptor
A joint effort by Cisco Talos, Avast and Dutch law enforcement results in an all-encompassing Babuk ransomware recovery key and the arrest of a threat actor. Continue Reading
-
News
09 Jan 2024
Account hijacking, cryptocurrency scams spread on X
One company that had its account stolen and used for cryptocurrency scams, CertiK, said it was hacked through a phishing attack from a journalist's compromised account. Continue Reading
-
Feature
09 Jan 2024
How to fix the top 5 cybersecurity vulnerabilities
Check out how to fix five top cybersecurity vulnerabilities to prevent data loss from poor endpoint security, ineffective network monitoring, weak authentication and other issues. Continue Reading
-
Definition
08 Jan 2024
NIST Cybersecurity Framework
The NIST Cybersecurity Framework (CSF) provides guidance on how to manage and reduce IT infrastructure security risk. Continue Reading
-
Feature
08 Jan 2024
How to become an incident responder: Requirements and more
Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
-
News
04 Jan 2024
December ransomware attacks disrupt healthcare organizations
Two attacks last month exposed the sensitive information of more than 3 million individuals as ransomware attacks continued to disrupt networks and expose private data. Continue Reading
-
Definition
02 Jan 2024
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else. Continue Reading
-
Definition
27 Dec 2023
email signature
An email signature -- or signature block or signature file -- is the short text that appears at the end of an email message to provide more information about the sender. Continue Reading
-
News
21 Dec 2023
10 of the biggest ransomware attacks in 2023
Ransomware attacks against U.S. organizations hit record levels this year as threat actors stepped up extortion tactics and took shaming victims to new levels. Continue Reading
-
Definition
21 Dec 2023
What is the CIA triad (confidentiality, integrity and availability)?
The CIA triad refers to confidentiality, integrity and availability, describing a model designed to guide policies for information security within an organization. Continue Reading
-
News
19 Dec 2023
FBI leads Alphv/BlackCat takedown, decrypts victims' data
The latest law enforcement effort to halt the surge of ransomware attacks was successful in disrupting one of the most active ransomware-as-a-service groups. Continue Reading
-
Feature
14 Dec 2023
9 cybersecurity trends to watch in 2024
Analysts are sharing their cybersecurity trends and predictions for 2024. From zero-day attacks to generative AI security and increased regulations, is your organization ready? Continue Reading
-
Tip
13 Dec 2023
12 key cybersecurity metrics and KPIs for businesses to track
IT security managers need to monitor cybersecurity efforts and make sure they're effective. These 12 metrics and KPIs will help show what's working -- and what isn't. Continue Reading
-
News
13 Dec 2023
How ransomware gangs are engaging -- and using -- the media
New Sophos research shows that ransomware groups are not only attacking technical systems, but taking advantage of information systems as well to pressure victims into paying. Continue Reading
-
News
05 Dec 2023
Exposed Hugging Face API tokens jeopardized GenAI models
Lasso Security discovered more than 1,600 exposed Hugging Face API tokens provided access to generative AI and large-language models contained in hundreds of repositories. Continue Reading
-
News
05 Dec 2023
Ransomware ramps up against private sector in November
Ransomware disclosures and reports increased again in November, with the most disruptive and dangerous attacks occurring against healthcare organizations. Continue Reading
-
Feature
01 Dec 2023
How to solve 2 MFA challenges: SIM swapping and MFA fatigue
While MFA improves account security, attacks still exploit it. Learn about two MFA challenges -- SIM swapping and MFA fatigue -- and how to mitigate them. Continue Reading
-
Definition
30 Nov 2023
privacy policy
A privacy policy is a legal document that explains how an organization handles any customer, client or employee information gathered in its operations. Continue Reading
-
News
30 Nov 2023
Black Basta ransomware payments exceed $100M since 2022
Insurance provider Corvus and blockchain analytics vendor Elliptic partnered to examine how much damage the Black Basta ransomware group has caused in less than two years. Continue Reading
-
News
29 Nov 2023
Okta: Support system breach affected all customers
Okta warned customers that they face an 'increased risk of phishing and social engineering attacks' after new details emerged from a breach that occurred earlier this year. Continue Reading
-
News
28 Nov 2023
Europol, Ukraine police arrest alleged ransomware ringleader
Europol and Ukraine's National Police arrested the alleged leader of a ransomware gang last week, along with four accomplices, dismantling the cybercrime group. Continue Reading
-
News
27 Nov 2023
Threat actors targeting critical OwnCloud vulnerability
Researchers observed exploitation attempts against a vulnerability affecting OwnCloud's Graph API app, highlighting threat actors' continued focus on file-sharing products. Continue Reading
-
Feature
27 Nov 2023
How passwordless authentication aids identity security
Enterprise Strategy Group's Jack Poller discusses survey results on user authentication practices and explains the security benefits of passwordless methods. Continue Reading
-
News
22 Nov 2023
CISA relaunches working group on cyber insurance, ransomware
Following a hiatus, the Cybersecurity Insurance and Data Analysis Working Group will relaunch in December to determine which security measures are most effective to reduce risk. Continue Reading
-
Tip
22 Nov 2023
Offline backups are a key part of a ransomware protection plan
Ransomware resilience relies not on a single tool, but on several layered protections. Offline backups are a critical layer in a ransomware protection strategy. Continue Reading
-
News
21 Nov 2023
CISA, FBI warn of LockBit attacks on Citrix Bleed
The latest advisory on exploitation of the Citrix Bleed vulnerability confirmed that the LockBit ransomware group perpetrated the attack on Boeing. Continue Reading
-
Tip
20 Nov 2023
15 benefits of outsourcing your cybersecurity operations
For companies battling data breaches and cyberattacks, MSSPs can offer lower costs, better reliability, broader experience, more skills and other benefits. Continue Reading
-
News
16 Nov 2023
CISA, FBI issue alert for ongoing Scattered Spider activity
The government advisory follows several high-profile attacks attributed to Scattered Spider, which uses advanced social engineering techniques like SIM swapping. Continue Reading
-
News
16 Nov 2023
Alphv ransomware gang claims it reported MeridianLink to SEC
MeridianLink said it recently identified a "cybersecurity incident," but the Alphv ransomware gang claims it breached the company and compromised customer data. Continue Reading
-
Definition
16 Nov 2023
What is cyber hygiene and why is it important?
Cyber hygiene, or cybersecurity hygiene, is a set of practices individuals and organizations perform regularly to maintain the health and security of users, devices, networks and data. Continue Reading
-
News
15 Nov 2023
LockBit observed exploiting critical 'Citrix Bleed' flaw
The Financial Services Information Sharing and Analysis Center warned that LockBit ransomware actors are exploiting CVE-2023-4966, also known as Citrix Bleed. Continue Reading
-
News
14 Nov 2023
Cryptocurrency wallets might be vulnerable to 'Randstorm' flaw
Cryptocurrency recovery company Unciphered discovered a vulnerability in a JavaScript Bitcoin library that could jeopardize private keys. Continue Reading
-
News
13 Nov 2023
LockBit ransomware gang claims it leaked stolen Boeing data
Boeing confirmed that it experienced a cybersecurity incident following LockBit's claims, but the aircraft manufacturer has not directly confirmed a ransomware attack. Continue Reading
-
News
08 Nov 2023
FBI: Ransomware actors hacking casinos via third parties
A new Private Industry Notification focuses on ransomware trends involving attacks against casinos as well as a callback phishing campaign perpetrated by the Luna Moth gang. Continue Reading
-
News
07 Nov 2023
Microsoft, ZDI disagree over Exchange zero-day flaws
Microsoft said it had previously fixed one of the flaws and that the others did not require a patch. Trend Micro's Zero Day Initiative, however, disagreed with the software giant. Continue Reading
-
News
06 Nov 2023
Ransomware continues to rise in October across all sectors
Ransomware disclosures and reports surged last month, leading in some cases to bankruptcy filing, prolonged business disruptions and ambulance diversions for hospitals. Continue Reading
-
News
03 Nov 2023
Okta breach led to hijacked sessions for 5 customers
Okta provided a detailed timeline of the events surrounding the breach against its customer support case management systems and said five customers had sessions hijacked. Continue Reading
-
News
31 Oct 2023
No patches yet for Apple iLeakage side-channel attack
Apple said it is working on more complete fixes for the iLeakage side-channel attack technique, but only one partial mitigation is currently available to macOS customers. Continue Reading
-
Opinion
31 Oct 2023
Collaborate with third parties to ensure enterprise security
Third-party risk is a major threat today, as evidenced in numerous recent breaches. Organizations must work with partners to ensure their data is protected properly. Continue Reading
-
News
31 Oct 2023
Dual ransomware attacks on the rise, but causes are unclear
While the FBI warned enterprises of an increase in dual ransomware attacks, infosec experts said there's insufficient data to consider the threat a trend. Continue Reading
-
Definition
30 Oct 2023
ISO 27002 (International Organization for Standardization 27002)
The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management. Continue Reading
-
Tip
30 Oct 2023
What an email security policy is and how to build one
Companies must have an effective security policy in place to protect email from cybercriminals and employee misuse. Learn how to build one for your company. Continue Reading
-
Tip
27 Oct 2023
How to create a cybersecurity awareness training program
Cybersecurity awareness training often misses the mark, leaving employees undereducated and organizations vulnerable to attack. Here's how to succeed where too many fail. Continue Reading
-
Podcast
26 Oct 2023
Risk & Repeat: Okta under fire after support system breach
This podcast episode covers a security breach suffered by identity vendor Okta involving its customer support systems, which has sparked criticism from customers. Continue Reading
-
Tip
26 Oct 2023
How to create a company password policy, with template
Use these guidelines and our free template to ensure your company's password policy sets the ground rules for strong and effective password creation and use. Continue Reading
-
Tutorial
24 Oct 2023
How to use SDelete to ensure deleted data is gone for good
When data is deleted from a disk, is it gone? One way to make sure file info is permanently erased is to use SDelete, a utility specifically tailored to remove key data. Continue Reading