Data Leakage from Encrypted Databases

Schneier on Security

Matthew Green has a super-interesting blog post about information leakage from encrypted databases. academicpapers databases encryptionIt describes the recent work by Paul Grubbs, Marie-Sarah Lacharité, Brice Minaud, and Kenneth G. Paterson.

Cryptolocking WordPress Plugin Locks Up Blog Posts

Threatpost

A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts. Cryptography Malware Web Security blog posts cryptolocking Encryption malicious plugin malware Sucuri wordpress wpsecurity

Blog 82

Is All Encryption Equal?

Thales eSecurity

Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data. The answer to these question changes your encryption strategy.

Guest Blog: End-to-End Data Encryption with Data Reduction from Thales & Pure Storage

Thales eSecurity

At the 2019 RSA Conference, Pure Storage and Thales introduced Vormetric Transparent Encryption for Efficient Storage – the IT and security industries’ first end-to-end data encryption framework that realizes storage array data reduction. Storage Costs of Encrypted Data.

How Encryption Became the Board’s New Best Friend

Thales eSecurity

For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. While 97% of IT experts indicated they are going through some type of digital transformation, only 30% have adopted an encryption strategy. Enter encryption.

The GDPR: Requirements for encryption

IT Governance

Six months since the GDPR (General Data Protection Regulation) came into force, pseudonymisation and data encryption remain the only technology measures specifically mentioned in the famously technology-agnostic Regulation. But what exactly is meant by ‘pseudonymisation’ and ‘encryption’?

Database Encryption Key Management

Thales eSecurity

Large data scale breaches have led an increasing number of companies to embrace comprehensive encryption strategies to protect their assets. Solutions for Transparent Database Encryption. Streamlining operations and improving security.

Two New Papers on the Encryption Debate

Schneier on Security

Seems like everyone is writing about encryption and backdoors this season. Policy Approaches to the Encryption Debate ," R Street Policy Study #133, by Charles Duan, Arthur Rizer, Zach Graves and Mike Godwin. Encryption Policy in Democratic Regimes ," East West Institute.

Encryption trends and predictions over 50 years

Thales eSecurity

Modern encryption can trace its root back to before WWII when Alan Turing built a modern computer in order to break the Enigma. We’ve also seen promising approaches, such as homomorphic encryption, come out of academia that have yet to find common practice in real-world applications.

STOP ransomware encrypts files and steals victim’s data

Security Affairs

” reads a blog post published by Bleepingcomputer. ” One of the variants analyzed by BleepingComputer encrypts data and appends the.promorad extension to encrypted files, then it creates ransom notes named _readme.txt as shown below.

Why Enterprises Should Control Their Encryption Keys

Thales eSecurity

Cloud providers have done a good job of integrating default encryption services within their core infrastructure. However, as discussed in previous blogs , the encryption service is only as secure as the keys that are used to encrypt the data.

Boards Now Face ‘the Encryption Question’

Thales eSecurity

So, what are we doing about encryption?”. A spokesperson later added that this will focus on ensuring universal encryption of passport numbers. Marriott’s response may well set a new normal, in the travel industry: all sensitive traveler data should be encrypted.

When Encryption Meets Flash Arrays

Thales eSecurity

To combat threats and keep data safe, IT teams must employ robust encryption, key management, and access controls. To secure storage, many organizations have been leveraging native encryption offerings from their storage vendors.

Does Encryption Really Protect My Cloud Data?

Thales eSecurity

To address this, many regulations and enterprise policies turn to encryption as a safe and efficient way to protect data. Encryption adds security at the root of the risk, which is not at the client, server, or device layer but rather at the data itself.

To Go Native, Or Not to Go Native. A Cautionary Tale About Database Encryption

Thales eSecurity

As a result, database encryption has never been more crucial in order to protect the massive amounts of information that is held in the diverse mix of databases that large enterprises rely on today, including relational, SQL, NoSQL and big data environments. Database Encryption

Thales Wins Cybersecurity Excellence Awards for Encryption and Identity and Access Management Solutions

Thales eSecurity

Thales’s SafeNet Data Protection on Demand and SafeNet Trusted Access solutions have won the gold award in the Encryption and Identity and Access Management categories of the 2019 Cybersecurity Excellence Awards.

Multi-cloud use, regulatory compliance and information protection drive new era of encryption and key management in France

Thales eSecurity

Now in its 13 th year, our Global Encryption Trends Study that is performed by the Ponemon Institute reveals interesting findings that span a dozen different geographies. Below I have highlighted other key trends revealed in the 2018 France Encryption Trends Study. Encryption

A RESTful API Delivers Flexibility for Vormetric Application Encryption

Thales eSecurity

One of the long standing challenges with security applications that involve data encryption has been key management. Vormetric Application Encryption. Today’s Vormetric Application Encryption provides a library that provides the PKCS #11 interface as a dynamically loadable library (.DLL)

U.S. Healthcare Industry Needs a Shot in the Arm When it Comes to Data Protection: 70% experienced a breach; Less than 38% are encrypting even as threats increase

Thales eSecurity

They’re counting on the fact that only 38% or less of healthcare organizations encrypt data. Unfortunately, healthcare organizations fail to encrypt everything even as they face this ever-expanding threat surface due to the sheer volume of personally identifiable information they process.

The Multi-Cloud Era Creates New Encryption Challenges

Thales eSecurity

Key Findings from the 2018 Global Encryption Trends Study. No core technologies are more fundamental to data protection than encryption and key management. 39% encrypt extensively in public cloud services, a number which has grown significantly just in the past year.

Key Findings from the 2017 Thales Encryption Trends Study: Australia

Thales eSecurity

The 2017 Thales Encryption Trends Study Australia found the IT department’s influence over encryption strategy has more than halved in the past five years from 59 per cent to 28 per cent. Security: moving up the executive stack.

Key Findings from the 2017 Thales Encryption Trends Study: Australia

Thales eSecurity

The 2017 Thales Encryption Trends Study Australia found the IT department’s influence over encryption strategy has more than halved in the past five years from 59 per cent to 28 per cent. Security: moving up the executive stack.

National Academy of Sciences Encryption Study

Data Matters

After supporters and opponents of mandated government access to encrypted communications publicly feuded for much of 2016, reprising arguments they’ve had since at least the days of the “Clipper Chip,” these “encryption debates” seemed to quiet down for much of last year. Wray further argued that, while the FBI “supports information security measures, including strong encryption[,]. Few would describe 2017 as a quiet year.

RSA 2019 Blog Series: Securing Microservices

Thales eSecurity

Among the topics I will address at RSA and in this series of blog posts include: What questions should security professionals be asking about microservices? Do I encrypt it? The post RSA 2019 Blog Series: Securing Microservices appeared first on Data Security Blog | Thales eSecurity.

Blog 67

Making the Case for Encryption in the Era of Digital Transformation – Highlights from our Annual Data Threat Report

Thales eSecurity

A great way to mitigate some of the risks associated with cloud or multi-cloud environments is to deploy encryption solutions. In fact, 38% of organizations’ security concerns with cloud environments would be alleviated with data encryption at the service provider level. Beyond alleviating cloud concerns, encryption was identified as the top tool to drive the use of other digitally transformative technologies like, big data, IoT and containers, according to this year’s DTR.

PCI DSS compliance: a range of encryption approaches available to secure your data

Thales eSecurity

In this blog, I take it a step further with a discussion about the options available for securing data. Not all types of encryption give you the coverage and flexibility you need. One of the most common and most effective approaches to protecting data is encryption.

Facebook Will Shift to Emphasize Encrypted Ephemeral Messages, Zuckerberg Says: eDiscovery Trends

eDiscovery Daily

In a post to Facebook last week, founder Mark Zuckerberg outlined a vision of the future that includes end-to-end encryption and an ephemeral lifespan for private messages and photos.

The importance of encryption in complying with Australia’s Privacy Amendment Act

Thales eSecurity

One thing all of these incidents have in common is how accessible the leaked information was after the breaches themselves occurred, something that could have been avoided had the data been encrypted.

2018 top tech predictions

OpenText Information Management

Over the next 10 years, there will be five billion … The post 2018 top tech predictions appeared first on OpenText Blogs. It is an amazing time for technology and to be a citizen of the world. Every company is transforming into a software company and finding ways to disrupt themselves.

RSAC 2019 Blog Series: Taking the Risk out of Digital Transformation: RSAC 2019’s Quest for Delivering “Better”

Thales eSecurity

In our recently launched 2019 Data Threat Report-Global Edition , we found that 97% of enterprises are using sensitive data within digitally transformative technology but, only 30% are encrypting that data.

ICO Stresses Importance of Encryption for Data Security

Hunton Privacy

On August 28, 2013, on the UK Information Commissioner’s Office’s (“ICO’s”) blog, Simon Rice, Technology Group Manager for the ICO, discussed the importance of encryption as a data security measure. He stated that storing any personal information is “inherently risky” but encryption can be a “simple and effective means” to safeguard personal information and reduce the risk of security breaches. Selecting the Correct Encryption Method. Safeguarding the Encryption Key.

Guest Blog: Why it’s Critical to Orchestrate PKI Keys for IoT

Thales eSecurity

By coordinating all verified machine identities, you can verify the security of machine-to-machine connections and communications for IoT, enabling the creation of secure encrypted tunnels at machine speed and scale.

IoT 76

Cybersecurity Awareness Month Blog Series: It’s Cybersecurity Awareness Month – advice to SMBs

Thales eSecurity

Take the time to remind anyone doing business with you to: Encrypt sensitive data – keep it protected as it travels to its final destination. This October marks the 15 th year of Cybersecurity Awareness Month.

Ten things impacting the world: the nature of commerce

OpenText Information Management

Smartphone companies are leading the disruptive charge with … The post Ten things impacting the world: the nature of commerce appeared first on OpenText Blogs. CEO Blog Bitcoin blockchain blockchain technology CEO blog Compliance crowdfunding cryptocurrencies Digital Supply Chain Encryption machine learning mark barrenechea mobile wallet OpenText P2P networks peer-to-peer networks quantum computing real-time data security Ten things impacting the world virtual currencies

Cybersecurity Awareness Month Blog Series: Using Technology to Safeguard the Nation’s Critical Infrastructure

Thales eSecurity

In this blog post, I’ll discuss: Our current perimeter defense; The need to shift to a data-centric security approach; and, The need to educate the public to strengthen our critical infrastructure security posture.

Blog 71

GUEST ESSAY: Why the hack of South Korea’s weapons, munitions systems was so predictable

The Last Watchdog

In today’s environment for commercial business, let alone government security and defense agencies, the de rigueur approach for cyber security necessarily includes end-to-end encryption, single sign-on, and two-factor authentication, at minimum. End-to-end encrypted data, otherwise known as “edge” or Zero Trust encryption, expects an attacker to penetrate the networks over time, but protects the data by encrypting it at all times.

FTC Posts Fifth Blog in Its “Stick with Security” Series

Hunton Privacy

On August 18, 2017, the FTC published the fifth blog post in its “Stick with Security” series. For example, a business that adopts tried and true encryption methods accepted by industry, and incorporates these methods into product development, acts more prudently than a business that uses its own proprietary method to obfuscate data. Ensure Proper Configuration : When businesses choose to use strong encryption, they need to ensure they have configured it correctly.

New Australian Backdoor Law

Schneier on Security

Note: Many people e-mailed me to ask why I haven't blogged this yet. australia backdoors cryptowars cryptography encryptionLast week, Australia passed a law [link] the government the ability to demand backdoors in computers and communications systems.

GDPR: Data transfers outside the EU – what are the rules?

IT Governance

This blog has been updated to reflect industry developments. Pseudonymisation and encryption. The GDPR advises organisations to pseudonymise and/or encrypt all personal data. Encryption also obscures information by replacing identifiers with something else.

GDPR 65

Hacker broke into super secure French Government’s Messaging App Tchap hours after release

Security Affairs

The popular French white hat hacker Robert Baptiste (aka @fs0c131y) discovered how to break into Tchap , a new secure messaging app launched by the French government for encrypted communications between officials and politicians.