Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

While the days of swashbuckling pirates terrorizing the seven seas may be long gone, modern data pirates abound in the vast cyber seas. They set out to steal your company’s crown jewels – data. Today’s document management systems are filled with treasure ready for the taking, from personal data to credit cards and intellectual property worth billions. But beware, your motley crew can pose just as significant a risk as the pirates roaming the cyber seas.

US data transfers... are they allowed? Well. Yes. It depends....it’s complicated. Let’s get stuck in and I’ll explain all. In July this year, the EU Commission made an adequacy decision for the new EU-US Data Privacy Framework (DPF). This can be seen as Safe Harbor 3.0. Essentially, in most scenarios, data transfers from the EU to the US are now permitted without the need for other mechanisms such as Standard Contractual Clauses (SCCs).

This month has been full of new product announcements, including integrations with Microsoft Teams and Notion, as well as various improvements to security team workflows. Read on to learn more about what we’ve been up to this month.

The variety of cloud services that store organizational data continues to proliferate in type and number leading to tension as more governments, policymakers, and organizations consider (or are in the process of) implementing mandates requiring that specific types of data remain within geographical borders. Many organizations need to navigate these data management compliance mandates while also satisfying the competing needs of expediency, cost-effectiveness and, of course, data security.

Despite increasing cybersecurity awareness across the industry, Life Sciences firms continue to experience significant cyberattack volume. In fact, published reports indicate that average Life Sciences data breach now costs more than $5 million, while Life Sciences and Healthcare organizations perennially top the annual list of data breach costs by industry.

In today’s data-driven world, privacy and data protection are paramount. One of the most significant developments in data privacy is Quebec’s Law 25, also known as Bill 64, which was officially adopted on September 22, 2021. This landmark legislation represents a significant step in modernizing Canada’s privacy landscape and introduces several key provisions that businesses must be prepared to address.

In light of the recent data breach at Okta, it’s important to pay attention to the potential risks of sharing HAR files in SaaS data silos like Zendesk.

At Nightfall, we’re guided by our customers who trust us to safeguard their sensitive data for every application and AI tool. That’s why we’ve launched Nightfall for Notion as another step in making it simple and seamless for customers to protect their valuable company and customer information.

You probably expect executive leadership to not just support cybersecurity efforts, but to be involved. New data shows organizations have a way to go until this is a reality. Even if an organization is completely supportive of the cybersecurity strategy, it can’t exist in a technical bubble only. It requires a lot of input – from planning to implementation – to ensure that required business objectives are met as security controls become part of operations and resiliency plans.

Microsoft Azure and Microsoft 365 are among the leading cloud services globally, but their limited Bring Your Own Key (BYOK) capabilities pose potential data security and compliance issues for organisations that must comply with the EU and global data sovereignty laws. Increased government concern over protecting sensitive personal, business, government and defence data in the Cloud has led to a complex regulatory landscape that aims to maintain control of citizen and government data.