insider_threat1

They’re heeeeere! Hackers are already inside.

I’m just gonna go ahead and put it out there. With today’s technologies in operating systems, networking protocols, user experience and the mobility expansion, we’ll never be safe! It is time that organizations of every size start focusing on what to do after they’ve been hacked, and how to limit the attack expansion, rather than thinking that […]

Read More
Data_Masking

Training and Testing Environments, Keep it Real!

First, what are testing and training environments? A testing environment is a setup of the software and hardware (physical or virtual) on which the testing team is going to test the newly developed software or software updates. A training environment is often a “small” replica of the production environment, in which employees are being trained on new […]

Read More
stealingdata

The Lack of Database Encryption Efficiency

Each time people use the sequence of words: “Database Encryption” it provides them with some sort of false tranquility. A famous CISO of a large company said the following to me two months ago. “Ohhh, I use database encryption, I don’t see any added value in a database security solution”. Database encryption, all started: many many […]

Read More
nsa-government-spying-2

The NSA is not alone – Governments can get to you anytime, anywhere!

For the past two decades, the Internet revolution has expanded everywhere, and it’s not done yet. The 1990’s  marked the exposure and availability to a single unified interconnected network where anyone can communicate in many different ways. While we were all mesmerized by the new possibilities for new technologies, most governments realized that this route of […]

Read More
Separation_Duties

The Human Vector: How Social Media Can Put your Company Risk

The Information Security Layers model tries to map and harden the possible affected exposed vectors of an organization. In the early days it was mostly about external threats, so we all placed firewalls, secure mail gateways, web filtering and intrusion prevention systems to cover any external connectivity such as the internet and intranet connections we had. […]

Read More
segreagation_duties1

Hey hacker, publish my sensitive data. Please!

Isn’t it a shame that we have entered an era where we actually want hackers to publish our sensitive information just so we’ll know we’ve been breached? Many in the field of information security and data leakage prevention know that tons of the most sensitive information stolen from endless amounts of breaches is being dumped by hacker groups and […]

Read More