EU GDPR Spotlight: Protection by Design and Default


Privacy by Design (PbD) is a well-intentioned set of principles – see our cheat sheet – to get the C-suite to take consumer data privacy and security more seriously. Overall, PbD is a good idea and you should try to abide by it. But with the General Data Protection Regulation (GDPR), it’s more than that: […]

Continue Reading →

Podcast Episode #9 – Why The Greatest Danger To The Financial System Is Cybersecurity


According to the chair of the SEC, the greatest danger to the world financial system is cybersecurity. And it made me wonder, at what point, while the financial transactions are happening that money is vulnerable? Mike Buckbee and Kilian Englert joined me for an interesting conversation as I inquired about shopping online, using wearables and […]

Continue Reading →

Next-Gen Ransomware (Ransomworm!) Gets Deadlier


Ransomware developers have been busy adding more deadly functions to their evil creations. First we heard about DDOS capabilities appearing in modified versions of Cerber.  Now Microsoft reports that a new ransomware variant has the power to spread like a worm. Known as ZCryptor, it infects other users by dropping an autorun.inf file into removable […]

Continue Reading →

Password Security Tips for Very Busy People


If you needed another reminder that you shouldn’t use the same password on multiple online sites, yesterday’s news about the hacking of Mark Zuckerberg’s Twitter and Pinterest accounts is your teachable moment. Mr. Z. was apparently as guilty as the rest of us in password laxness. From what we know, the hackers worked from a […]

Continue Reading →

3 Malware Stats That Will Annoy You


Earlier this week, it was reported that the Russian police arrested 50 suspected hackers for malware bank attacks. One of the largest arrests of hackers in Russian history, these alleged cybercriminals took over $45 million from banks. This arrest also prevented another potential bank heist that would have netted the cyber thieves $35 million. While this […]

Continue Reading →

Five of our Favorite Videos From RSA 2016


For those who weren’t able to attend their giant security conference in San Francisco, the RSA folks released videos of the sessions on their website. Like I did last year, I binged watched RSA videos over a few days to come up with my faves. Here are five that are worth watching. How to Explain […]

Continue Reading →

DatAnywhere 3.0 is here


DatAnywhere just got better – in addition to the secure enterprise file sync and share features you know and love, we’re thrilled to announce enhanced auditing as part of the beta release for DatAnywhere 3.0. What does it all mean? Well, it means that not only do you now get better reporting about who’s doing […]

Continue Reading →

I’m Kieran Laffan, Sales Engineer at Varonis, and This is How I Work


Welcome to our new “This Is How I Work” series where you’ll get to know a different Varonis employee each quarter. Today, the spotlight’s on Kieran Laffan, a Sales Engineer at Varonis who covers Western Canada. According to his colleague Derek Keen, also a Systems Engineer, Kieran is a fantastic colleague who is well known and […]

Continue Reading →

Hospital Paid Ransom, Didn’t Get All Files Back


Last week, a hospital based in Wichita, Kansas was hit with ransomware. Yes, the hospital paid the ransom in hopes of getting back to business as soon as possible, but the payment only partially decrypted their files. Instead, the cybercriminals demanded more money to decrypt the rest. The hospital refused to pay a second ransom […]

Continue Reading →

Five Scary Stats from the Ponemon’s Latest Privacy & Security of Healthcare Data Report

This job isn't always easy

Healthcare organizations have had a rough year with ransomware. And based on the latest results of the Ponemon Institute’s Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data, it looks like plain data breaches have been also giving them a hard time. The organizations represented include 91 private and public healthcare providers, health […]

Continue Reading →

PCI DSS 3.2: Get With the Program


When last we left the PCI Data Security Standard in version 3.1, it told SSL to hit the road. In the latest DSS, version 3.2 released last month, the PCI folks backed down a little. Existing implementations instead have until June 2018 to remove SSL and early TLS (1.0). So SSL laggards have more time […]

Continue Reading →