The Nightfall blog is a resource for information security professionals to learn more about the challenges we face in the industry. Every week, Nightfall publishes news and insights from the world of cloud security to help you stay current with the cybersecurity world and better prepare for threats before they become serious problems.In January, we hosted two additional infosec leaders on the CISO Insider podcast: Compass CISO J.J. Agha and LifeOmic Chief Legal Officer Lisa Hawke. On the Nightfall blog, we research key topics for infosec leaders right now: how data loss prevention impacts the bottom line of every business, why you need to protect data in Confluence, and the differences between network, endpoint, and cloud DLP.We look forward to keeping you in the know with data security and DLP trends in 2021. Thanks for keeping up with Nightfall!
CISO Insider S1E3 – The OODA Loop with J.J. Agha
On the CISO Insider podcast, we host interviews with CISOs and security executives with a broad set of backgrounds, from hyper-growth startups to established enterprises. Through these interviews, we’ll learn how industry experts overcame obstacles, navigated their infosec careers, and created an impact in their organizations. In January we spent time with Compass CISO J.J. Agha, where he shares some of the most important learnings from his career as a security leader: the many practical applications of the OODA loop in infosec, how COVID is forcing us all to become better communicators, and why creative problem solving can help us face the neverending challenges of ambiguity while working in tech.Listen to the episode and read the transcript here. For questions, feedback, and suggestions about CISO Insider, including suggestions for CISOs you’d like to hear from, please email us at firstname.lastname@example.org.
CISO Insider S1E4 – Change management and risk triage with Lisa Hawke
LifeOmic Chief Legal Officer Lisa Hawke joined us to share her insights on the hidden skills necessary to succeed as an infosec leader and her journey from working in environmental law to security and compliance. Plus, some birding recommendations in Central Park.Please note that at the time of recording and publishing the interview and blog post, Lisa was in her role as VP of Security and Compliance at Everlaw. She joined LifeOmic in late January 2021.Listen to the episode and read the transcript here. Subscribe to the podcast at CISOInsider.com to get the latest episodes delivered to your inbox. Stay tuned for the rest of our season 1 lineup coming in February, including our discussion with Caterpillar Financial Services CISO Ross Young.
The Economics of Data Loss Prevention
Many business owners aren’t confident that they have the right precautions in place to protect their most valuable resource: data. One survey found that 47% of small business owners found data security to be their biggest challenge; a further 42% said preventing data loss was also keeping them up at night. In a time when budgets are stretched thin and IT teams are working overtime, it can be difficult to justify investing more time and energy in data security.Every business needs to enforce strong data policies — backed by data loss prevention tools –– and dedicate an investment in time, money, and effort. Read how DLP impacts your bottom line.
3 Permanent Security Risks in a Post-Pandemic World
When looking ahead to a time without COVID, there are more questions than answers. In the cybersecurity space, we’re beginning to realize which threats are opportunistic and temporary – and which ones are here to stay. We predict three security risks that will become persistent threats to businesses of all sizes, even when the pandemic is over. Read how cyber threats have evolved over the pandemic – and how to protect your data for the future.
6 Updates to Make to Your Cloud Security Policy in 2021
Organizations across all industries are struggling to protect their valuable information in the cloud, in part because they don’t understand the extent of security measures built-in to cloud platforms. As a result, Gartner predicts that 95% of all cloud security failures (through 2020) will be primarily the customer’s fault.An easy way to uncover vulnerabilities in cloud security is to create and maintain a cloud security policy. Regularly updating your cloud security policy – or creating one if none exists at your company – can provide insight into where your cloud security systems aren’t protecting your data sufficiently or identify where your configurations need to be updated. Read how to get started with updating your cloud security strategy in 2021.
Network, Endpoint, and Cloud DLP: A Quick Guide
At the beginning of 2019, 60% of companies responding to the Insider Threat Report survey reported that they were planning to implement a data loss prevention (DLP) solution. For a few years, organizations have been aware that they need to add data loss prevention (DLP) tools and software to their technology stack in order to safeguard sensitive information collected and stored.However, there’s a common misconception that DLP is just one “thing”. In fact, DLP involves a range of different tools and software solutions that are designed to protect your data via your network, devices, and storage. Data loss prevention can be secured on the network, endpoint, or cloud solution layer. Read how these different types of DLP solutions work and why your organization should consider a holistic approach to data security encompassing protection on multiple fronts.
How is Data Stored in Confluence?
Confluence is one of Atlassian’s most popular collaboration tools, a team workspace where users can create, capture, and coordinate on a variety of project types. Confluence’s role as a hub for sharing documents and creating templates means that, for many organizations, some of their most confidential data may live within their Confluence spaces. As the platform evolves to have more structure, users are sharing even more data via the platform than ever before. The focus of Confluence is to provide a workspace for collaboration and sharing of knowledge. When it comes to providing safeguards to prevent confidential information from being accessed externally, Atlassian relies on third-party apps, like Nightfall AI, to provide DLP functionality within the service. Read what you need to know about Atlassian’s Confluence tool and how to protect your organization’s valuable data.