News

Readjusting Cloud and Data Privacy Predictions

This year’s sudden, unexpected need for cloud capabilities has helped to shift a very important learning to the forefront: Privacy and security are not corners…

CPRA Could Bring Stricter Data Privacy Enforcement: Here’s How To Prepare

California’s passage of the California Privacy Rights Act (CPRA) on November 3 builds upon the California Consumer Privacy Act (CCPA). The EU’s privacy regulation, GDPR,…

Data protection officer responsibilities and role importance

The data protection officer is a relatively new role that received prominence in the wake of the European Union’s GDPR regulations on data privacy. Data…

cloud misconfigurations

Cloud Misconfigurations: A Surging but Overlooked Threat

Enterprises are migrating their workloads to the cloud with the promise of lower costs, increased agility, and greater flexibility. But misconfigured cloud services are a…

Glowing Blue Circuits

You’re Going to be Using Confidential Computing Sooner Rather than Later

Hardly a day goes by without news of yet another major data breach. Every day–every hour–your computers are under attack. Don’t believe me? I run…

DataSecOps: Protecting Data in the Cloud

DataSecOps melds an automated mechanism to manage data, along with security, in an effective operations setup Data is the backbone of any organization. It’s what…

Cyber Resilient Vendor Relationships for Healthcare’s Threat Landscape

A healthcare third-party vendor breach can have a devastating impact on multiple entities, which means it’s crucial to have cyber resilient vendor relationships to keep…

12 Ways Tech Leaders Can Prepare For A Post-Pandemic World

Tech leaders have definitely stepped up to the plate during the pandemic. Their response to the crisis has been impressive: From helping to develop technology…

Weaving Privacy And Security Into Cloud Migration Is Not Negotiable

A recent study of CIOs offered good news for those concerned about data protection. It reported that 86% of respondents are now viewing security as a higher…

The State Of Cloud Security And Privacy: 5 Key Trends To Watch

When cloud computing was new, questions swirled around the ability of cloud service providers to keep their infrastructure secure. As more and more businesses began…

7MS #427: Interview With Ameesh Divatia From Baffle

Today we’re thrilled to welcome Ameesh Divatia from Baffle back to the program. We first met Ameesh back in episode 349 and today he’s back to discuss…

If You Leave Data Unsecured, Don’t Be Surprised If People Steal It

Talk about having a target on your back, your front and every available side. “Data enrichment” companies are red meat for cybercriminals. As the label…

US Attributes Taidoor RAT To China’s Government. Pegasus Spyware In Togo. The TikTok Affair. More Fallout From The Blackbaud Ransomware Incident.

The CyberWire Podcast: Episode 1144 The US attributes the Taidoor remote access Trojan to the Chinese government. Sources tell Reuters that documents used in an…

This VC Just Closed On $60M To Fund ‘Technical Risk,’ Saying Others VCs Mostly Do Not

Ashmeet Sidana,  a longtime VC who struck out on his own in 2015 to form Engineering Capital, just closed his third and newest fund with $60 million…

Q&A: CCPA Enforcement Arrives, What Merchants Need to Do Now

Merchants were expected to begin complying with the California Consumer Privacy Act (CCPA) in January, but enforcement of the law only began this week on…

CCPA Enforcement To Begin On Wednesday July 1, 2020 – Steps To Get Ready

The California Consumer Privacy Act enters the enforcement phase on July 1, despite pleas by some business groups to delay it because of Covid-19 coronavirus impacts. This…

10 Chief Data Officer Trends That Are Reshaping The Role

The chief data officer role is still one of the newest C-suite titles, but it’s been around for over 15 years. Over that time, the…

Flattening The Curve Without Compromising Privacy And Security

In the midst of the Covid-19 crisis, we are seeing concerted efforts by many entities attempting to slow the spread. Moving to the next phase…

What to know about the proposed CCPA rules

After several rounds of comment periods and amendments, California Attorney General Xavier Becerra submitted the latest round of proposed rules this week for the California Consumer Privacy…

Strengthening Secure Information Sharing Through Technology & Standards

How data sharing, innovation, and regulatory standardization can make it easier for organizations to both contribute and consume critical threat intelligence. In March, the US…

Cloud security and data protection: What enterprises need to know

Data security is rarely the first consideration when choosing a public cloud service provider. That’s changing, though, because of the rise of tougher rules, regulations,…

Two Years In, IT Thought Leaders Evaluate GDPR’s Impact

It’s been two years since the General Data Protection Regulation, or GDPR, was put into force by the European Union on May 25, 2018.  eWEEK has…

Why Information Sharing and Accelerating Response Times Are Critical During a Crisis

In October 2019, the Center for Strategic and International Studies (CSIS) ran three simulated scenarios to map how nations, organizations and economies would respond in…

Privacy vs. public health: Where contact tracing fits

Data privacy leaves room for gray areas. Public health is more black and white. The question is, whether entities — governments, healthcare organizations, businesses —…

How The Global Pandemic Is Impacting Data Privacy And Security

In March, more than 60 companies joined forces to request a delay on the July 1, 2020 enforcement date of the recently enacted California Consumer Privacy Act…

NEWS INSIGHTS: APPLE AND GOOGLE WANT TO TURN YOUR PHONE INTO A COVID-TRACKING MACHINE

The new contact-tracing tool, explained. Apple and Google want to turn your phone into a Covid-tracking machine Apple and Google recently announced a joint plan…

How Mentoring Can Overcome Tech Management’s Big Challenges

What are the biggest challenges in software development? According to a new report, two things in particular dominate development teams’ bandwidth and time: Capacity and…

Interoperability Without Security Undermines Patient Privacy

As our digital footprint grows, the desire to control personal data is more important than ever for consumers. This assertion is especially true as it…

Industry Leaders And Cybersecurity Experts Insight On Marriott International Data Breach

The Marriott International hotel chain has fallen victim to its second major data breach in as many years, after information of 5.2 million guests was…

Solving The Quandary Of Encryption vs. Privacy and Compliance

This is my first dispatch from RSA, which was a month ago…  a lot has (not) happened due to the pandemic. But, better late than…

You’ve Encrypted Your Data in the Cloud, but are Your Keys Safe?

If putting unencrypted data up in a public cloud is like leaving your house unlocked, keeping encrypted data and the encryption keys in the same…

The 12 Hottest Identity And Data Protection Tools Unveiled At RSA 2020

Defending Users And Their Information  Vendors attending RSA 2020 have invested heavily in making it easier for customers and partners to isolate sensitive data and…

Are Your Data Security Protocols CCPA-Ready?

If you operate a business in California, you know that the California Consumer Privacy Act (CCPA) became law on January 1 this year. Similar to the EU’s General…

CCPA and GDPR: The Data Center Pitfalls of the ‘Right to be Forgotten’

Compliance with the new privacy rules doesn’t always fall on data center managers, but when it does, it’s more difficult than it may sound. The…

2020 Cyberrisk Landscape

In this year’s Allianz Risk Barometer, cyber incidents were named the top risk to businesses worldwide, cited by 39% of the 2,700 risk professionals surveyed, a…

Ringing in a new National Privacy Law?

Privacy advocates have long called for a federal privacy law and it’s coming…in the mean time, experts say complying with the CCPA will lay the groundwork…

BitPyLock Ransomware Now Threatens To Publish Stolen Data

As reported by Bleeping Computer, a new ransomware called BitPyLock has quickly gone from targeting individual workstations to trying to compromise networks and stealing files before…

2020 Cybersecurity Predictions: Compliance, Authentication and CISO Evolution

Every year, the cybersecurity vendor community emails us in the media with predictions of what trends will impact the sector in the upcoming year. Sometimes they…

Lessons On Bringing New Technology To Market From A Serial Entrepreneur (Part 2)

In part one of my series on bringing new technology to market, I focused on two areas of business that entrepreneurs often overlook or take lightly: focusing…

Cybersecurity Trends in 2020: Cloud Security

Cloud computing has dominated our collective business consciousness over the last 10 years. Unfortunately, as the image above shows, cloud computing security’s popularity pales in…

Data protection in 2020, only the responsible will survive

Over the last decade, one thing has become clear – the massive amounts of data that are constantly generated and stored have grown faster than…

2020 Predictions: Data Breaches

Experian predictionsCybercriminals will leverage text-based “smishing” identity theft techniques to target consumers participating in online communities. As more Americans continue to join like-minded groups on…

2020 PREDICTIONS: DATA SECURITY

This is our first annual roundup of expert predictions for the coming year. Here’s what leading industry figures have to say about data security in…

Predictions 2020: Data Security Next Year and Beyond

As the oft-used metaphor goes, data is the new oil that powers business success. Today’s modern organizations are built on data collection so they can…

Analysts worry about tech security threats ahead of 2020 elections

Security experts say most voting machines are safe and secure, but disinformation campaigns on platforms like Facebook and Twitter need to be addressed. Election security…

KM Predictions for 2020

Today, there is a greater focus on customer experience across all channels of engagement, an appreciation for data as the oil that fuels business, growing…

The 10 most important cyberattacks of the decade

After a number of devastating breaches and hacks, the sheer size of data lost is no longer the only indicator of severity. Since 2010, billions of…

Lessons On Bringing New Technology To Market From A Serial Entrepreneur (Part 1)

Growing up, I was always intrigued by technology. I distinctly remember the National Geographic Magazine with the cover story titled “The Chip.” That cover and Time’s Computer as Machine…

Experts Reaction On 1.2 Billion Records Were Found Online On An Exposed, Unsecure Single Server

News has broken that 1.2 billion records were found online on an exposed, unsecure single server. While it doesn’t include sensitive information such as passwords, credit…

Google And Project Nightingale: A Breach Of Privacy Or Healthcare Hero?

Google Healthcare has been the subject of widespread media attention recently after it was reported that Google’s “Project Nightingale” is gathering personal health data on millions of…

‘Nightingale Project’ to Turn Over Millions of Medical Records to Google

A venture between Google and Ascension, one of the largest healthcare providers in the United States, will give the tech giant access to the sensitive…

A professional hacker reveals why so many companies are falling victim to data breaches, and the one thing every company should do to avoid getting hacked

Data breaches appear to be all the more common in recent years, with major firms across industries such as healthcare, social media, and finance falling…

New infosec products of the week: November 1, 2019

Baffle Data Masking and Exfiltration Control is a solution that ties access control and usage to data-centric encryption, providing an end-to-end data protection solution. It extends access…

Baffle’s masking and exfiltration solution provides end-to-end data protection

Baffle, an advanced data protection company, released Baffle Data Masking and Exfiltration Control, the only masking and exfiltration solution that ties access control and usage…

#Privacy: US enterprise launches technology to offset data breach risk

According to a 2018 Opus/Ponemon Institute study of 1,000 CISOs and risk professionals in the U.S. and UK, companies share confidential information with, on average, 583 third…

Elizabeth Warren is urging the FTC to investigate Amazon over concerns that it played a role in the massive Capital One data breach that affected 100 million people

United States senators Ron Wyden (D-Oregon) and Elizabeth Warren (D-Massachussetts) are urging the Federal Trade Commission to investigate Amazon over the massive Capital One data breach that…

What Healthcare Organizations Need to Consider When Moving to the Cloud

As the healthcare industry continues to digitize to meet patient demand and data-driven regulations, it has become a prime target for hackers, as personal health…

Mentoring the Next Generation of Tech Professionals: Tips and Advice

Ameesh Divatia, co-founder and CEO of Silicon Valley data security specialist Baffle, thinks that the world of startups is lonely. Fortunately, he also benefitted from…

Controlling Data Leakage in Cloud Test-Dev Environments

October 2, 2019 The focus on digital transformation and compressing development release cycles is appealing, but that means security can be left behind. How should…

Closing Cloud Database Security Vulnerabilities

August 30, 2019 Organizations are racing to the cloud — and that includes storing all types of company and customer data on it. According to Gartner ,…

The Key to Enterprisewide Encryption

August 7, 2019 Enterprise security teams have long struggled with the complexity of encryption and key management. While integrated solutions are starting to make it…

Capital One Data Breach: How to Protect Against Data Theft

July 31, 2019 Capital One is the latest major corporation to fall victim to a data breach, as it revealed on Monday that an intruder gained…

Rethinking Security For Your Serverless Applications

May 22, 2019 In previous columns, I’ve examined how migration to the cloud potentially comes with a loss of control for the customers of cloud-based…

Health Data Breach Tally Update: What’s Been Added?

May 9, 2019 A ransomware attack reported by a business associate that impacted more than three dozen clients and nearly 207,000 individuals is among the…

Privacy legislation: E pluribus unum

May 1, 2019 In the last several months, a series of tech company executives have sat before Senate and House panels, peppered with questions, smart…

15 Tech Experts Predict The Next Big Topics In Encryption And Cybersecurity

April 19, 2019 As businesses continue to digitize data and operations and consumers add more and more tech to their homes, encryption and cybersecurity are…

Reading Between the Lines of Zuckerberg’s Facebook Privacy Manifesto

March 7, 2019 In a 3,200-word essay on Wednesday, Facebook CEO Mark Zuckerberg outlined a plan for the social network to become a “simpler platform…

eWeek Daily Tech Briefing: February 22, 2019

February 22, 2019 On Feb. 19, Baffle announced that its data protection platform now supports the Amazon Web Services Lambda serverless compute platform. Baffle’s Advanced…

Baffle releases a data protection solution for serverless cloud workloads

February 20, 2019 Baffle, an advanced data protection company, announced it has released the first-to-market solution for data-centric protection of Amazon’s AWS Lambda, a pioneering…

Baffle Extends Data Protection Service to AWS Lambda Serverless

February 19, 2019 Although serverless compute functions are short-lived, the data sources and information that they connect with are often not, potentially opening up a…

7MS #349: Interview with Ameesh Divatia of Baffle

February 14, 2019 Today’s featured interview is with Ameesh Divatia, cofounder and CEO at Baffle. Baffle offers an interesting approach to data protection that they…

The Lack of US Privacy Regulations, Nest Camera’s Hijacked – WB53

January 28, 2019 This is your Shared Security Weekly Blaze for January 28th 2019 with your host, Tom Eston. In this week’s episode: Where are…

The Fact and Fiction of Homomorphic Encryption

January 22, 2019 [EXCERPT] The history of homomorphic encryption stretches back to the late 1970s. Just a year after the RSA public-key scheme was developed,…

2019 Data Privacy Wish List: Moving From Compliance To Concern

January 15, 2018 [EXCERPT] For virtually every business, the last and first (calendar) quarters are filled with reflection and planning — for revenue, services, operations,…

The CyberWire Daily Podcast

January 10, 2019 In today’s CyberWire Daily Podcast, guest is Ameesh Divatia from Baffle on the growing frustration with how companies handle our private information. …

Ransomware Attacks: The Data Integrity Issues

January 7, 2019 [EXCERPT] Data integrity issues can arise in the wake of a ransomware attack. Case in point: A California podiatrist practice hit by ransomware reports that…

Cybersecurity professionals lament losing of access to WHOIS database

January 4, 2019 [EXCERPT] One of the tools that cybersecurity professionals have historically relied on is access to a WHOIS database, a publicly shared list of records relating…

Land of the giants – Cybersecurity in 2018

December 27, 2018 [EXCERPT] 2018 threw some cybersecurity curve balls but it also looked a lot like 2017…only bigger. Teri Robinson reports. Once upon a time,…

SC 2019 Trust Award Finalists

December 12, 2018 The mission of SC Awards is to honor the achievements of the cybersecurity brands and professionals striving to safeguard businesses, their customers,…

What We Can Learn from the Marriott Data Breach

November 30, 2018 [EXCERPT] As details emerged about the latest “massive data breach”—this time at the Marriott International hotel chain—database experts and security technology executives…

The DPO’s Tightrope Act: Balancing Business And Privacy

November 30, 2018 [EXCERPT] As I mentioned in my last column, a large number of people and applications can have access to data in a…

ABC 7 Bay Area – Marriott Breach

November 30, 2018 ABC 7 Bay Area news speaks to Baffle CEO, Ameesh Divatia about the Marriott Breach. (View video)

Kalepso looks to break into the crowded encrypted database space

[EXCERPT] Databases might be the least sexy thing in tech. Second to that might be encryption. That isn’t stopping Kalepso, a Montreal, Canada-based encrypted database…

Ameesh Divatia, Co-Founder and CEO, Baffle

November 3, 2018 [EXCERPT] “I always want to know what the big picture is,” says Divatia, now co-founder and CEO of Baffle. “Even if I…

Four Critical Questions For New Data Privacy Officers

October 16, 2018 [EXCERPT] New DPOs do not have the luxury of time. Already they are called to task, often to clean up years of…

Implement security for DevOps across the board

October 12, 2018 [EXCERPT] DevOps can — when implemented successfully — be a defining factor in how well technology supports a business. Cascade and Waterfall…

Exposed! Open and misconfigured servers in the cloud

October 1, 2018 [EXCERPT] Tesla had one. Robocent had one. Walmart had one. GoDaddy had one. Misconfigured servers and databases in the cloud – exposing…

Secure as you go: new encryption solutions could spur healthcare cloud market growth

September 27, 2018 [EXCERPT] If the futurists, visionaries, and venture capitalists are to be believed, this example of applied artificial intelligence is right on the…

The CP List: 20 Tech Channel Thought Leaders You Should Know

September 25, 2018 [EXCERPT] “The age of fast-moving digital transformation and data security requires channel partners to redefine who they work with,” he said. “Today’s…

Tech Companies Preparing Framework for Federal Data Privacy Legislation

September 25, 2018 [EXCERPT] It looks like some of the largest tech and communication companies – Google, Apple, Amazon, Twitter, AT&T – will be meeting…

Four Security Questions Healthcare Organizations Must Address When Moving to the Cloud

September 20, 2018 [EXCERPT] The healthcare industry is becoming more digitized with organizations seeing the value of shifting operations to the cloud. From patients and…

TrueVault Expands Security Platform for Regulatory Compliance

August 16, 2018 [EXCERPT] TrueVault announced on Aug. 16 that it is expanding its namesake platform to help organizations keep personally identifiable information safe and…

The Internet’s New Diplomat: The Data Privacy Officer

July 30, 2018 [EXCERPT] … In my last column, I stated that the General Data Protection Requirement (GDPR) is already being touted as “the most important…

GDPR And The ‘Security By Compliance’ Mistake

July 2, 2018 [EXCERPT] For the past month, we have all been flooded with emails from vendors or website pop-ups with “privacy notice updates” about their…

8 Cloud Security Execs Reveal The Startups They’re Most Excited About

June 11, 2018 [EXCERPT] … Baffle, meanwhile, has demonstrated that its technology can allow enterprises to operate on encrypted data, Gupta said.  Normally, when data…

Baffle | Encryption: The key ingredient for data protection

June 7, 2018 [EXCERPT] The idea that breaches have become a “when” concern as opposed to an “if” concern has become a mainstream theory. The…

The CyberWire

Espionage, influence, summits, and elections. What counts as a luxury? An iCloud warrant raises cryptowars speculation. Microsoft’s GitHub  June 6, 2018 — Interview with Baffle…

Baffle Achieves Holy Grail of Encryption – First to Enable Wildcard Search on AES Encrypted Data With No App Rewrite

June 4, 2018 Baffle Advanced Data Protection Service Lets Applications Seamlessly Operate and Analyze Encrypted Data without Exposing Confidential Information SANTA CLARA, Calif.–(BUSINESS WIRE)–Baffle, Inc.,…

Baffle Advances Encrypted Data Protection Platform

June 4, 2018 [EXCERPT] … Cyber-security vendor Baffle announced an update to its Advanced Data Protection Service on June 4 that makes it possible for users…

Advanced encryption that locks down ‘underlying data’ arrives to support ‘digital transformation’

May 22, 2018 Encrypting data kept in storage (data at rest) as well as data as it is being transported from one server to another…

Baffle™ Hires VP of Products and Marketing; Company Continues to Expand Market Momentum and Awareness in 2018

Tuesday, April 10, 2018 (7am PT) SANTA CLARA, CA – Baffle, Inc., an advanced data protection company, today announced that it has hired Harold Byun…

Is Security Accelerating Your Business

With an ever-growing list of security and compliance requirements, security can hinder or slow business initiatives. Is your security department stuck in slow gear or…

CIO: 5 reasons you need to hire a chief privacy officer

5 reasons you need to hire a chief privacy officer Excerpt from article: “The most important responsibilities for the chief privacy officer is to be…

Would You Steal Data That Cannot Be Used?

By Ameesh Divatia From stolen emails to hacked credit reports to acts of industrial espionage we never hear about and now processor vulnerabilities, data breaches can…

Baffle Closes $6 Million in Series A Financing

Funding will accelerate product deployment and enhancements of advanced data breach protection solution Santa Clara, CA, Jan. 17, 2018 (GLOBE NEWSWIRE) — SANTA CLARA, CA –…

Baffle enables cloud-based apps to use encrypted data without breaking

BY MIKE WHEATLEY UPDATED 10:00 EST . 27 NOVEMBER 2017 Data encryption-as-a-service company Baffle Inc. is beefing up its product suite with a new data protection service for applications running on…

How to Fail Safe Your Data in the Cloud or When It’s Shared with 3rd Parties

Experienced engineers know to “fail safe” the systems they design. This basic principle merely says that a system remains in a safe state in the…

Baffle – Protecting Your Databases From Breaches

As Ameesh Divatia, the co-Founder and CEO of Baffle, likes to say, we need to accept that data breaches are a fact of computing life…

The Lifecycle of Data Protection Is Evolving. Here’s What You Need To Know

In this age of widespread ransomware attacks and rampant data breaches, enterprises are reimagining their data protection strategies. It is no longer adequate to worry…

The Future of Database Encryption

In order for encryption to be more broadly deployed, it must become easier to consume and interfere less with how applications process data. CIOs and…

Application Development: Ripe for Encryption

As businesses look to accelerate application innovation and move more and more workflows to the cloud, their needs can be at odds with the need…

Three Trends Shaping The Encryption Industry (And A Look At What’s To Come)

Data breaches are becoming bigger, bolder and more widespread than ever before. As a new government takes office in Washington, we need a mandate that…

Baffle at RSA 2017

Cloud-based databases need new approaches to ensure data security

Interest and adoption of cloud-based databases is ramping up as more companies see the value of moving from traditional on-premise IT infrastructures to off-premise cloud…

Why insider threats are the next big security challenge

The high-profile leaks of highly sensitive data by NSA contractors Harold Thomas Martin and Edward Snowden woke enterprises up to the fact that traditional perimeter security…

Baffle: Making Application and Database Encryption Easy

There is nothing worse than having a solution to a problem that people don’t know they have. That may be the classic definition of database…

Encryption Key to Compliance Requirements as Companies Move to Cloud

The expansion of compliance requirements for data that is not in a customer’s on-premise environment is inevitable. Is your company ready? As we start the…

End-to-End Encryption a Recipe for Serenity

Data breaches litter the news cycle. There is a new, even worse breach garnering front page coverage on what seems like a daily basis. With…