In the age of digital collaboration and cloud computing, access control is a critical security tool. It is crucial to ensure that only authorized users have access to the appropriate information in order to effectively manage security, adhere to privacy and industry regulations, and safeguard intellectual property (IP) for competitive advantage.

Data is the foundation of modern business strategies. Organisations are navigating a complex landscape to harness the power of their data effectively, from ensuring seamless integration and accessibility to upholding quality standards and compliance, all while fostering strategic data governance. In an era where data holds the key to unlocking AI capabilities and driving advanced analytics, the quest for leveraging sensitive data safely has never been more pressing.

With any IT environment, especially the public cloud, security is a top concern and priority. When leveraging the public cloud, one of the most important steps to ensuring a protected environment is recognizing the shared responsibility model, as it delineates the security obligations between the cloud provider and your organization.

In a significant development in the realm of data security, Verizon Communications has agreed to a $16 million settlement with the Federal Communications Commission (FCC) following a series of data breaches at its subsidiary, TracFone Wireless. The breaches, which occurred between 2021 and 2023, have led to increased scrutiny on Verizon's data protection practices and will result in mandatory improvements to its security measures.

Cybersecurity threats cast an ominous shadow over organizations across all sectors. While the world often associates these risks with profit-driven businesses, non-profit organizations are equally vulnerable targets. And the stakes are alarmingly high. Recent data shows that about 6 cyber-attacks happen every 4 minutes and attacks like the 2022 one on the International Committee of the Red Cross (ICRC) send shivers across non-profits.

Personally Identifiable Information (PII) is any data that uniquely identifies an individual. This can range from apparent details like names and Social Security numbers to more subtle information like IP addresses and login IDs. The growing volume of data collected in our digital age amplifies the significance of distinguishing between sensitive and non-sensitive PII, given their different handling requirements and associated risks.

The Chinese espionage group Daggerfly, also known as Evasive Panda or Bronze Highland, has significantly upgraded its malware arsenal, allowing it to target a wide range of operating systems including Windows, Linux, macOS, and Android. This development marks a notable escalation in the group's cyber capabilities, as detailed in a recent analysis by Symantec.

On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt.

Data backup is an important part of cybersecurity. Implementing appropriate data backup solutions may save both time and money. Understanding and adhering to current backup procedures is critical, as is partnering with IT workers. Imagine an organization experiencing a sudden hardware failure on their computer. Without proper backups, restoring critical records gets delayed or even impossible. If there is no backup policy in place, one must be created.