Auditing the Data Hiding in Plain Sight

A Q&A with Chris Pillay of Meridian Technologies

An often-overlooked risk in cyber security is software development and testing, which is often done in house in large companies. To test software, engineers utilize either scrubbed data and where the process of scrubbing personally identifiable information is too complex, costly or time-consuming, live data is used, posing serious security and privacy risks. I learned more about this issue by talking to Chris Pillay, CEO of Meridian Technologies.

Continue Reading

Mitigating Phishing Threats

A Q&A with Bob Bell and Luke Emrich of RSM US; Sudhir Bhati of Symantec; and Ondrej Krehel of LIFARS

Once a crude way for hackers to gain access to sensitive data, phishing attempts have now become increasingly sophisticated and more commonplace. Most concerning, this attack vector relies almost completely on human error, making it a difficult challenge to stamp out. We spoke with several experts—Bob Bell and Luke Emrich of RSM US, Sudhir Bhatti of Symantec and Ondrej Krehel of LIFARS—about how organizations can better arm themselves to avoid phishing scams. Their recommendations fell into three basic categories: training, technology and a combination of training and monitoring.

Continue Reading

Law Firms and Data Breaches: Sensitive Data and Dangerous Practices

A Q&A with Jay Edelson of Edelson PC

Hacking incidents at law firms have led to major data breach events in recent months. Even as all law firms store and handle sensitive client data, many of the smaller organizations tend to lack robust cybersecurity policies and procedures. I spoke with attorney Jay Edelson of Edelson PC about the cases he is bringing on behalf of plaintiffs and what law firms should be doing to avoid or minimize these events.

Continue Reading

No more posts.