Leave a review for our podcast & we'll send you a pack of infosec cards.
It’s been reported that 85% of businesses are in the dark about their data. This means that they are unsure what types of data they have, where it resides, who has access to it, who owns it, or how to derive business value from it. Why is this a problem? First, the consumer data regulation, GDPR is just a year away and if you’re in the dark about your organization’s data, meeting this regulation will be a challenge. Organizations outside the EU that process EU citizens’ personal data, GDPR rules will apply to you.
Second, when you encounter attacks such as ransomware, it’s a bit of a mess to clean up. You’ll have to figure out which users were infected, if anything else got encrypted, when the attack started, and how to prevent it from happening in the future.
However, what’s worse than a ransomware attack are ones that don’t notify you like insider threats! These threats don’t present you with a ransomware-like pop-up window that tells you you’ve been hacked.
It’s probably better to be the company that got scared into implementing some internal controls, rather than the one that didn’t bother and then went out of business because all its customer data and trade secrets ended up in the public domain.
In short, it just makes good business and security sense to know where your data resides.
Other articles discussed:
- The GOP data leak contains a wealth of personal information on roughly 61 percent of the US population
- End-to-end security could be mandatory across most of Europe
- What’s so exciting about behavioral biometrics?
- Learn more about the Orange is the New Black ordeal and the family-owned post production studio that had to deal with it.
Tool of the week: DNSTwist
Panelists: Mike Thompson, Kilian Englert, Mike Buckbee