The Nightfall blog is a resource for information security professionals to learn more about the challenges we face in the industry. Every week, Nightfall publishes news and insights from the world of cloud security to help you stay current with the cybersecurity world and better prepare for threats before they become serious problems. In January, we hosted two additional infosec leaders on the CISO Insider podcast: Compass CISO J.J. Agha and LifeOmic Chief Legal Officer Lisa Hawke.

Protecting your valuable information is a multifaceted process that requires a layering of tools, policies, and approaches to ensure proper data loss prevention. In addition to having a range of network, endpoint and cloud DLP tools in place, businesses need a strong foundation of policies, guiding principles, and rules underpinning the approach to data security. A cloud security framework is part of this holistic approach to protecting your information in the cloud.

GDPR best practices often focus on how to process and manage personal data, but companies should also consider application security to ensure compliance. The standard cliché used to be that you are what you eat. Which remains true, of course. But it’s also incomplete—so last century. Today, you are what you do online, which is almost everything.

In 2017, The Economist announced that the world’s most valuable resource is no longer oil – it’s data. Since the phrase “big data” was coined in the 1990s, data has become increasingly important to virtually every aspect of running a business – not to mention how we conduct our daily lives. It’s no surprise that some of the most valuable companies are also those that capture the most user data. Take Facebook, for instance.

At Rubrik, every new feature and innovation is developed through our customers’ lens. We are always looking for new ways to work with our customers to truly understand their deepest data management pain points and business objectives. Nothing brings us more joy than hearing that Rubrik brings our customers peace of mind and new value from their backup data.

At Nightfall, we believe in the power of learning from those who have done it before. That’s why we created CISO Insider — a podcast interview series that features CISOs and security executives with a broad set of backgrounds, from hyper-growth startups to established enterprises. Through these interviews, we’ll learn how industry experts overcame obstacles, navigated their infosec careers, and created an impact in their organizations.

If the pandemic, catastrophic wildfires, record-setting hurricane season, and “murder hornets” of 2020 have taught us anything, it’s to be prepared for any situation. In business, the motto is “hope for the best, plan for the worst.” Should some sort of disaster – cyber or otherwise – strike, organizations need to be prepared to maintain business as usual with a strong disaster recovery plan in place.

A new administration in the most influential economy in the world triggers news hopes and expectations in every industry. But if major change were to be on the agenda, what would be the most beneficial, transformative, impactful or prudent new data privacy initiatives that the new US administration ought to introduce? Here’s my top three: The obvious – and trickiest – first area for the new administration is a federal privacy law.

‘Business’ is a verb that practically means the movement of data. If you aren’t sharing data – keeping the books, sharing ideas and stats about sales, getting the correct information regarding the customer or data to the customer – then you aren’t doing much business. But organizations need to protect their data along the way. Infosec has so many ways of protecting those sources of data, so much so that users of the data often complain.

With the administration of COVID-19 vaccines beginning around the world, many of us have begun to look to a future where the pandemic does not totally dominate our lives. Naturally, the way we socialize and work will have shifted. Remote work, for instance, has shown to be more productive and preferable for many businesses. In the cybersecurity space, we’re also beginning to realize which threats are opportunistic and temporary – and which ones are here to stay.