EU and US’s Shift to Borderless Data Security Law: Threat to the Internet?


By now, most people in the industry have heard about the upcoming changes to the European data protection rules in moving beyond the 1995 Directive. In the current environment, each member state enacts local rules to comply with the overall Directive. But with the new Data Protection Regulation (DPR) , the rules are set by […]

Continue Reading →

[INFOGRAPHIC] How to Create a Diversity & Inclusion Program


“You should not be doing diversity for diversity sake,” says Allison F. Avery, a Senior Organizational Development & Diversity Excellence Specialist at NYU Langone Medical Center. In my recent interview with Ms. Avery, Infosec Can Implement Diversity & Inclusion Programs to Address Workforce Shortage and Make More Money Too, she clarified common misconceptions about Diversity […]

Continue Reading →

Complying with Canada’s Personal Information Protection and Electronics Documents Act (PIPEDA)


While in the US we’re still struggling with a national data security law, our northern neighbor has had uniform rules since 2000. It’s the law of the land in Canada for private companies to have security safeguards in place to protect personal information and to limit the retention of data. It’s a Privacy by Design […]

Continue Reading →

How Infosec Can Implement Diversity & Inclusion Programs to Address Workforce Shortage and Make More Money Too


Data breaches keep on happening, information security professionals are in demand more than ever. Did you know  that there is currently a shortage of one million infosec pros worldwide? But the solution to this “man-power” shortage may be right in front of and around us. Many believe we can find more qualified workers by investing […]

Continue Reading →

Frogmore Improves Collaboration and Keeps Data Safe from Internal and External Threats with Help from Varonis


Today we’re excited to share a great customer success story out of the UK about how we’ve helped Frogmore’s workforce secure their sensitive data while simultaneously making it easier for employees and business partners to collaborate. A few years ago, Frogmore, one of the U.K.’s premier real estate companies focused on commercial real estate investments, […]

Continue Reading →

Meanwhile Back at the EU: Safe Harbor Framework Ends With a Whimper


Raise your hands if you knew anything about the US-EU Safe Harbor Framework? I mean before you read all the scary headlines. I thought so! This is one of those rare times when researching obscure areas of international data protection law helped me in decoding a tech news story. I had looked into the US […]

Continue Reading →

Varonis Named “Representative Vendor” in Gartner’s New Market Guide for User and Entity Behavior Analytics

Today we’re pleased to share that we’ve been named a “Representative Vendor” in Gartner’s brand new Market Guide for User and Entity Behavior Analytics (UEBA) that highlights the advantages of using UEBA to detect malicious or abusive behavior that often goes unnoticed by existing monitoring systems such as SIEM and DLP. Among its recommendations, Gartner […]

Continue Reading →

Basic PowerShell: Cmdlets and Aliases


Last week’s PowerShell resources were such a huge hit, I thought I’d continue with more PowerShell basics. Knowledge of PowerShell is becoming increasingly crucial, and like all knowledge, it can be used for either good or evil. In addition to increasing your productivity, pen testing expert Ed Skoudis warned in his recent Q&A with Andy […]

Continue Reading →

Our Version 1.0 List of Penetration Testing Resources


I barely scratched the surface of penetration testing in my own blogging, and I’ve already amassed a long list of resources. So rather than withhold any longer, I’ll spill the beans in this initial roundup. As an IT person, you may already have some of these tools or software. In a sense, anything that helps […]

Continue Reading →

Five Insights from the Biggest Insider Data Breaches Around the World


Earlier this year, Andy blogged on Carnegie Mellon University’s Computer Emergency Response Team (CMU CERT) research on insider attacks: specifically their motivation, means and opportunity, and what we can do to prevent them. To quickly review, insiders know that information is an asset. They often have access to the data, know where the data is […]

Continue Reading →