EU Data Protection: When Your Organization's Lifeblood becomes Poisonous

Damian Hallmark

A breaking development in the EU is creating ripples that have the potential to create a global tsunami. A European Court of Justice opinion has implications that highlight the pending impact for any global organization processing EU personal information outside of the EU.

A privacy campaigner has scored a legal victory that could bolster his attempts to prevent Facebook from being able to pass EU citizens' data to the US authorities in what the campaigner suggests could have far-reaching consequences. The opinion issued by the European Court of Justice says that current data-sharing rules between the 28-nation bloc and the US are "invalid." This decision could affect other tech firms' abilities to send Europeans' information to US data centres. 

Celebrating Our 5-Star Rating from SC Magazine for EnCase Endpoint Security

Mitchell Bezzina

We’re chuffed to announce that our EnCase® Endpoint Security product was given a five-star rating in this month’s SC Magazine Endpoint Security group product review. Those of us working in security for a few years have known that “endpoint security” doesn’t equal antivirus anymore, and it’s taken a little while for that to be unanimously accepted. We believe this review validates the need for endpoint detection and response to aid perimeter, network and log tools – and is something of a turning point as well.

Defending Your Security Program: The FTC, Breach Class Actions, and You

Roger Angarita

Data breaches continue to fuel major media bonfires, CEOs are resigning, and the FTC is gaining ground in becoming the data-protection enforcers on behalf of consumers and business customers. Now in the wake of the Ashley Madison, Neiman Marcus, and Home Depot cyber-attacks, critical court decisions are occurring that will may raise protection standards and increase corporate liability. The smoke signal arising from the judicial system last month was the Third Circuit’s ruling affirming the data security authority of the Federal Trade Commission (FTC) in Federal Trade Commission v. Wyndham Worldwide Corp.

What Hit OPM? What We Know So Far

Paul Shomo

It’s been almost a month since the OPM breach, and there’s been much speculation and leaks pointing to the details of the attack. Here is a recap of released information so far:

June 4, 2015 - OPM announces they’ve been breached.

June 8, 2015 - Guidance Software announces that EnCase® was used in OPM’s investigation. I am quoted by SC Magazine, hinting that the PlugX Remote Access Trojan (RAT) was utilized by OPM’s attackers. 

Office of the Secretary of Defense Calls for Emphasis on Detection and Response

Anthony Di Bello

This week, in response to the OPM breach, Chris Carpenter, the Security Director at the Office of the Secretary of Defense called for an emphasis on detection and response capabilities.

The reason, Carpenter noted, is that there is a clear window of opportunity within which to find attackers inside the network and cut off their access before they have a chance to exfiltrate data. This is backed up by the fact that the vast majority of breach disclosures note that the attackers had been inside for a period of time prior the data exfiltration.