At Bearer, we often get asked: “How do you detect and classify data just by scanning the source code?” To answer that, we need to answer two important questions.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week let’s zoom in on Privacy Enhancing Technologies (PETs), which deals with the common, yet pressing concern of data privacy and security. Illustrated by Balaji K R

Conversations about consumer data privacy grow louder each year, with the news headlines to match. Trust in the technology sector is now at an all-time low and customers are increasingly concerned about the privacy of their personal information. It’s become a serious topic that all business owners need to follow, not just security specialists and tech bloggers.

2021 was the year of ransomware. You couldn’t watch or read the news without hearing about another business falling victim. Cybersecurity Ventures estimates that a ransomware attack took place every 11 seconds in 2021, with global damages reaching an estimated $20 billion – that is 57x more than it was in 2015. Unfortunately, the reality is that ransomware is here to stay, and every organization, regardless of industry or size, is a potential target.

Data exfiltration, quite simply, is the risk of your data ending up somewhere it doesn’t belong. Though this definition might seem simple, understanding this risk is quite complicated — especially as companies migrate their data into the cloud. Companies that work remotely using cloud platforms like Google Drive, AWS, or Jira often struggle to maintain the visibility needed to ensure their data remains secure.

PII, or Personally Identifiable Information, is any information that directly or indirectly identifies an individual, such as name, address, payment information, or contact information. The U.S. The Department of Homeland Security defines a second category of PII: Sensitive PII, which includes Social Security Numbers, driver’s license numbers, Alien Registration numbers, financial or medical records, biometrics, and criminal history.

Have you considered how often your phone number has been shared? Most of us give out our cell phone numbers all the time – to friends, acquaintances, colleagues, and even big, monolithic, impersonal companies. We may even print them on business cards or list them on public forums. A cell phone is no longer just a way to contact someone to engage in conversation.

Your Microsoft 365 data is a prime target for ransomware. Attackers know that Microsoft 365 lives directly in the path of business-critical operations now more than ever. As highlighted by Mandiant – one of the industry's leading cyber security firms – this translates to “targeted threat groups investing a lot of time and money into understanding Office 365 and understanding how to attack it.”

Data loss can cause tremendous damage to a business. It diminishes trust in your brand and can lead to financial losses from lawsuits, fines for non-compliance, and theft of intellectual property. Data loss prevention (DLP) is the set of practices and tools designed to prevent data leakage through intentional and unintentional misuse. These practices and tools include encryption, detection, preventative measures, educational pop-ups, and even machine learning to identify vulnerabilities.