Authentic8 Blog Category: Policy

Fed Up? Fire Up This Cloud Browser.

Illustration: Fed Up? Fire Up This Cloud Browser. - Authentic8 Blog

The Facebook/Cambridge Analytica fiasco did not happen overnight or by “mistake”, as Facebook wants users to believe. The price of “free” services and apps online means the loss of data protection, privacy and transparency.

This isn’t a new phenomenon, it’s not limited to Facebook, and it should not be a surprise to anyone. Venture investment in companies building businesses around “eyeballs” and “clicks” had to convert to hard cash at some point, and that point is the monetization of user data.

In contrast, Authentic8’s cloud browser Silo was built on the trust of its users. How do we honor that trust? We think you have a right to know what we do with your data. But first, some background.

*

So Mark has admitted “mistakes” on behalf of Facebook. As did Marissa before him, for Yahoo. And don’t forget Richard (who?), who apologized - kinda, sorta - for Equifax. And so on…

Did it change anything that these

The Six Biggest Inside Threats to Law Firm IT

Illustration: The Six Biggest Inside Threats to Law Firm IT - Authentic8 Blog

by Jordan McQuown, CIO, LogicForce

Watching the news, you could easily come away with the impression that our greatest security threat emanates from state actors far away, seeking to hack into your law firm.

You might even feel that you are protected. After all, your firm put firewalls and strong external perimeter defense systems in place. Are you sure you didn’t overlook something?

Because in my experience, an external attack is far less likely to cause a data breach than incidental actions of internal employees. I have come to believe that the most prevalent cybersecurity threats are not direct attacks on your perimeter defenses from the outside. Unintentional actions by insiders expose your firm to much bigger risks.

How can you identify and manage these risks to prevent a data breach? I recommend starting by focusing on...

The Six Biggest Internal Cybersecurity Threats

To prevent threats, you must be aware of them. Recently, LogicForce profiled more than 300 law firms for

Inside GDPR: What Does It Mean for U.S.-based Companies?

Illustration: Inside GDPR: What Does It Mean for U.S.-based Companies? - Authentic8 Blog

For our podcast “The Silo Sessions”, Authentic8 CEO Scott Petry spoke with Steve Durbin (Information Security Forum) about the ramifications of the European Union’s General Data Protection Regulation (GDPR) for U.S. organizations.

This podcast transcript has been edited for readability.

*

Scott Petry: I'm joined by a colleague in the information security space, Steve Durbin. Steve, I'll leave it to you to introduce yourself.

Steve Durbin: Hi Scott, thanks very much for having me on. I'm the Managing Director of the Information Security Forum. The ISF is headquartered in London, we’re a not-for-profit organization and we work with many of the world's leading organizations on issues of information security risk management and increasingly, of course, the subject of today's session: what all of that means from a General Data Protection Regulation standpoint.

The GDPR is coming into effect in May of this year.

Scott Petry: Yes, sooner than people expect, I think - although we've had a couple of years

10 IT Weak Spots Hit Hardest by the Cybersecurity Talent Shortage

Illustration: 10 IT Weak Spots Hit Hardest by the Cybersecurity Talent Shortage - Authentic8 Blog

by Larry Loeb

About 350,000 IT positions that require cybersecurity knowledge and skills remain currently unfilled. What impact does the acute talent shortage have on critical day-to-day IT security tasks?

*

According to Bloomberg BNA, 2017 was the Year of the Data Breach. Major institutions and organizations suffered from damaging hack attacks and data leaks.

No wonder that in 2018, many CISOs are growing even more concerned about the acute talent and skills shortage in cybersecurity.

Critical areas and attack vectors go uncovered, due to a lack of personnel. Will more major trouble like last year’s Equifax hack be the result?

By 2022, industry observers expect a shortfall of 1.8 million infosec professionals. The effects of not having the right people in the right slots are varied, but one outcome seems certain: essential tasks will be left undone.

Which IT security to-dos are too easily missed?

A lack of awareness exacerbates the resulting risk for the organization’s overall cybersecurity

GDPR-in-a-Box: New Online Tool Helps Small and Medium-Sized Enterprises

Illustration: GDPR-in-a-Box: New Online Tool Helps Small and Medium-Sized Enterprises - Authentic8 Blog

The European Commission has published a new GDPR online tool to facilitate the application of its new data protection rules.

The General Data Protection Regulation (GDPR) takes effect on May 25th, 2018. The same rules apply to all companies offering services in the European Union or handling the protected data of EU citizens or residents.

This includes U.S. companies, even if they don't have subsidiaries in the EU. The new online tool was developed to assist small and medium-sized enterprises.

Guidance for practical application of GDPR

Knowledge of the new rules is not evenly spread. By some estimates, more than 80 percent of U.S. companies who will be affected (and may face stiff penalties if found non-compliant) have not adjusted their IT and data protection to the new GDPR reality yet.

The new website aims to help individuals, businesses (in particular SMEs) and other organizations to comply and benefit from the new data protection rules.

It includes GDPR basics -