The 5 Steps to Effective Data Classification: Identify your sensitive and high value data Discover the location and accessibility of your sensitive data Classify data according to its value to the organization Secure: employee security control and protection measures Monitor: measure and evolve security practices Using data...

Why should the financial services sector adopt a data classification strategy? Because more than nine out of ten (95%) of data breaches are financially motivated, according to this year’s Verizon Data Breach Investigations Report. Within the finance and insurance sector specifically, the rates were as high as 97% — no surprise there. However, what may be surprising is that most of these...

When it comes to data privacy, financial services is one of the most highly regulated industries, and as a result, finance organizations face immense pressure to protect the data they are creating, collecting, and storing. Let’s take a deeper dive into what pressures are put on financial organizations to protect their data, and what they can do to...

The Export Administration Regulations (EAR) are a set of regulations administered by the U.S. Department of Commerce to control the export of certain goods and technologies from the United States for reasons of national security and foreign policy. Here is a breakdown of the essentials your organization should know for proper compliance. The Export...

An Introduction to FedRAMP In late 2011, the Office of Management and Budget under the Obama Administration released a memorandum that introduced the Federal Risk and Authorization Management Program (FedRAMP), noting that “[in the two years prior], the Administration worked in close collaboration with the National Institute of Standards and...

What Is ISO 27001?ISO 27001, also known as ISO/IEC 27001, is a widely recognized international standard that defines best practices for implementing and managing information security in an Information Security Management System (ISMS).Since it was first developed, the goal of the standard has been to provide a model for establishing, implementing,...

Editor’s Note: This blog post was co-authored by Clayton Barnard, Senior Director, Global Alliances at Lookout, and Corey Markell, Associate Director, Strategic Resource Group at Fortra. The first steps for any organization in creating a data security strategy are accurately identifying all of their sensitive information and securing that data from...

To implement or not to implement? That is the question when evaluating a new technology solution for your organization. Complicating the often daunting decision are the preconceived notions held at various organizational levels as to whether the solution is necessary, or more trouble than it’s worth. This can become especially problematic when...

Trust is one of the most important aspects of business, especially when it comes to the collection and use of people’s personal data. As consumers advocate for organizations to take more precautions in handling their personal data, legislative bodies are listening, and more data privacy regulations are being passed globally each year. Being...

When you see or hear the term “data breach” in the media, is the first thought that there must have been a hacker involved? It may surprise you to know that hackers aren’t the main cause of data loss and data breaches within organizations. Most can be attributed to insider threats, mainly by employees just trying to do their job who make a negligent...

The GDPR in Europe was one of the first major data privacy regulations to be implemented in recent times, followed closely by the CCPA in the United States. And since its enforcement, GDPR has been seen as the “gold standard” when it comes to data protection regulations. However, it is important to remember that each data privacy regulation has...

Hardly a day goes by without a media report about a data breach that involves exposed personally identifiable information (PII). In the same way an organization takes care of its employees, customers, and finances, it also needs to ensure its sensitive data, such as PII, is well protected. Let’s explore what constitutes as PII, the consequences of...

Cloud-based work environments are both convenient and cost-effective, especially in today’s remote world, but can present a challenge when it comes to meeting both regulatory compliance requirements and ensuring the protection of sensitive data. In order to maintain the protection of sensitive data when moving to and from the cloud, a consistent...

At first glance, it appears that data classification and Zero Trust, a cybersecurity framework, would have nothing to do with one another. After all, each has its own separate specialized function – data classification labels data based on sensitivity, and Zero Trust is meant to keep unauthorized users from gaining access to company systems and data...

Data privacy regulations have really come into play over the last four years. Consumers are becoming more concerned about the disclosure and use of their data and trust is playing a key role. According to a survey conducted by Salesforce, 48% of consumers said they had lost trust in brands during the pandemic due to misuse of personal information....

It’s no surprise to anyone that the amount of data that exists is rapidly growing. A report by IDC predicts that by 2025, the global datasphere will have grown to 175 zettabyes. To put in perspective how much data this truly is, one zettabyte is equal to one trillion gigabytes – that is an astronomical amount of data. Needless to say, humans are not...