Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This month, the Nightfall team has some exciting product enhancements to share with you, including an expansion of our secrets detectors as well as brand new APIs for automated workflows. Dive in to find out what we've been working on—as well as what's coming next.

Some of you may remember when phones were primarily used for making phone calls. In today’s rapidly evolving digital landscape, our smartphones and tablets have transformed into multifunctional devices, serving as mini-computers, high-resolution cameras, and indispensable companions in our daily lives. They seamlessly keep us connected to the world, offering endless avenues for communication and entertainment.

Let’s dive into a world where data isn’t just growing — it’s exploding — setting the stage for an AI-driven future that’s as exciting as the next sci-fi blockbuster. With innovations like ChatGPT and Neuralink pushing the boundaries of what’s possible, we’re on the precipice of a data revolution.

Welcome to our Data Security Innovators series, where we talk to security practitioners who are navigating the frontiers of security with novel processes and technologies. In this episode, we speak to Kheun Chan, Principal Security Architect at Iron Mountain. Iron Mountain is renowned as one of the world’s best secure information storage and management services, with 95% of the Fortune 1000 as customers of the company.

A recent report from Duke University's Sanford School of Public Policy has shed light on a concerning issue - data brokers are selling vast amounts of highly sensitive information about American military service members. This includes private data about active-duty personnel, veterans, and their families, encompassing sensitive health and financial details. Shockingly, these brokers even offer bulk data for individuals within geofenced military facilities like Fort Bragg and Quantico.

Since the widespread migration to the cloud, DLP has become an essential—yet often dreaded—tool for protecting data from leaks, breaches, exfiltration, and more. It’s no secret that traditional DLP solutions have a less-than-stellar reputation. Security teams are squeezed tighter than ever in terms of time and resources. Needless to say, adding more alerts on top of already daunting workloads is less than ideal. It’s time for a smarter, more sustainable form of DLP.

In today's digital age, organizations are using data in innovative ways to understand their businesses and generate new value, making data the lifeblood of every operation. As a result, data is growing at an unprecedented rate across on-premises, SaaS, and multi-cloud environments. However, this rapid growth presents significant challenges for organizations, as they often struggle to identify sensitive or regulated data, where it’s located, and who has access to it.

New data summarizing the compromises of data in 2023 provides key details on who’s being targeted, what types of data is being compromised, and what attack vectors are being used. I’ve covered reports from the Identity Theft Resource Center (ITRC) – their coverage of attacks over the years has grown to include much more than identity theft.

The United States government has established strict regulations to safeguard intellectual property and military superiority. Compliance with the International Traffic in Arms Regulations (ITAR) is imperative for companies involved with U.S. defense technologies and data. Failure to comply can lead to severe legal and financial repercussions, as well as reputational damage.