We’ve been writing about the GDPR for the past few months now and with the GDPR recently passed into law, we thought it was worth bringing together a panel to discuss its implications. In this episode of the Inside Out Security Show, we discuss how the GDPR will impact businesses, Brexit, first steps you should […]


The Password is Dying – IOSS 12


In our last Inside Out Security show – Everything You Need to Know About Passwords – we covered hashes, salting your hash, and creating passwords. However, there are shortcomings to password-based authentication – brute force attacks, passwords stored as plain text, weak passwords, and more! Luckily, as of late, banks and technology companies are exploring really exciting alternatives […]




The General Data Protection Regulation (GDPR) took years to become law as the relevant parties engaged in endless rounds of negotiations. It’s not surprising that there are some controversial elements. Time for another GDPR infographic! We’ve boiled down the controversies into three areas: territorial scope, right to be forgotten, and steep fines. Large US and other […]


EU GDPR: Data Rights and Security Obligations [INFOGRAPHIC]


The EU General Data Protection Regulation (GDPR) isn’t light reading. However, it doesn’t mean that this law’s essential ideas can’t be compressed and rendered into a highly informative infographic. We’ve been spending the last few months untangling the legalese and looking for ways to simplify the GDPR’s key requirements. One way to view the new […]


FYI: EU Network and Information Security Directive


While we’ve been focusing on the EU General Data Protection Regulation (GDPR), there’s another EU security initiative that deserves an honorable mention. First proposed in 2013, the Network and Information Security Directive (NISD) addresses cybersecurity for “essential services”. The NIS Directive is not nearly as detailed as the GDPR. Its goal is to improve co-operation […]


The Essential Guide to Identifying Your Organization’s Most Sensitive Content


What do hackers want? If you answered money — always a safe bet — then you’d be right. According to the Verizon Data Breach Investigations Report (DBIR), financial gain is still the motivation for over 75% of the incidents it investigated. A better answer to the above question is that hackers want data — either monetizable […]


6.2.51 (including DLX) is now GA


We’re excited to announce the GA release of 6.2.51: this release includes a range of enhancements focusing on data security, new integrations, and a more intuitive user interface. Some of the highlights that are now generally available include: New DatAlert Threat Models: Get inside-out security with sophisticated threat models built on advanced analytics, user behavior, […]


[Infographic] Varonis Behind the Scenes


With 32 patents issued and 108 patent applications worldwide, we’ve been working hard to help you protect your organization’s data from insider threats and cyberattacks. To get a better idea of what’s happening behind the scenes, we thought it might help to see a few stats. The People Behind the Software We currently have 989 […]


After-the-Breach Advice: A Legal Eagle View


One surprising fact about breach responses at large companies is that IT may not be leading the charge. A few months ago, I was at a legal technology conference in which panelists said the chief legal officers or chief privacy officers manage cyber-incident responses. IT is involved, they noted, but usually in a supporting role. […]


EU GDPR Spotlight: Pseudonymization as an Alternative to Encryption


Have I mentioned lately that the EU General Data Protection Regulation (GDPR) is a complicated law? Sure, there are some underlying principles, such as Privacy by Design (PbD) and other ideas, that once you understand, the whole thing makes more sense. But there are plenty of surprises when you delve into the legalese. For example, […]


A Guide to PCI DSS 3.2 Compliance: A Dos and Don’ts Checklist


Before you begin, download the PCI Compliance Checklist PDF and follow along! Table of Contents Overview 3.2 updates – What You Need to Know New Compliance Deadlines Multi-factor Authentication PAN Masking and Visibility Stricter Reporting for Service Providers PCI’s 12 Step Program Made Simple Defend Your Cardholder Data Defend Against External Threats Defend Against Internal […]
