October 3rd, 2018

The Role Encryption Plays in Protecting Healthcare Data, Driving Innovation

As the healthcare industry continues to go digital to meet patient demand and data-driven regulations, it has been heavily targeted by hackers, as patient records offer a treasure trove of financial, personal and medical information that’s profitable on the dark web. A recent JAMA Network…

Read More

As the healthcare industry continues to go digital to meet patient demand and data-driven regulations, it has been heavily targeted by hackers, as patient records offer a treasure trove of financial, personal and medical information that’s profitable on the dark web. A recent JAMA Network…

Read More

June 4th, 2018

The Holy Grail of Encryption

Today, Baffle reached another milestone by delivering first-to-market capabilities enabling wildcard search on AES encrypted data without requiring any modification to an application. Achieving this “holy grail” of encryption provides complete validation of our approach to deliver a simple to deploy data protection layer that…

Read More

Today, Baffle reached another milestone by delivering first-to-market capabilities enabling wildcard search on AES encrypted data without requiring any modification to an application. Achieving this “holy grail” of encryption provides complete validation of our approach to deliver a simple to deploy data protection layer that…

Read More

May 10th, 2018

CISOs Brawl it Out at RSA

Chairs were thrown.  A table was flipped.  Someone broke a bottle. And a portable LED projector got a scratched lens. Ok, it didn’t quite happen that way, although there was a broken bottle at the reception afterward. At our CISO panel at RSA on “Can…

Read More

Chairs were thrown.  A table was flipped.  Someone broke a bottle. And a portable LED projector got a scratched lens. Ok, it didn’t quite happen that way, although there was a broken bottle at the reception afterward. At our CISO panel at RSA on “Can…

Read More

May 4th, 2018

Vulnerabilities Come in Waves

VULNERABILITY WAVE EXAMPLES In April 2014, a two year old zero day vulnerability was discovered in OpenSSL.  Heartbleed represented a new finding in TLS implementations that exposed over 800,000 websites to the exposure.  In the subsequent months through 2014, four additional vulnerabilities were uncovered that…

Read More

VULNERABILITY WAVE EXAMPLES In April 2014, a two year old zero day vulnerability was discovered in OpenSSL.  Heartbleed represented a new finding in TLS implementations that exposed over 800,000 websites to the exposure.  In the subsequent months through 2014, four additional vulnerabilities were uncovered that…

Read More

April 2nd, 2018

Overcoming the Push and Pull Between Business and Security

This morning, an article I wrote for Dark Reading called “Is Security Accelerating Your Business?” was published. Here is the link to the full article. In short, I wanted to answer the following question: with an ever-growing list of security and compliance requirements, security can…

Read More

This morning, an article I wrote for Dark Reading called “Is Security Accelerating Your Business?” was published. Here is the link to the full article. In short, I wanted to answer the following question: with an ever-growing list of security and compliance requirements, security can…

Read More

January 9th, 2018

Securing data against Meltdown and Spectre with Multi-Party Compute (MPC)

The New Year has brought to light a significant vulnerability in processor architectures. In the desire to improve performance, memory isolation, which is one of the fundamental security features provided by modern processors, has been compromised. Meltdown and Spectre have shown us how the micro-architectural…

Read More

The New Year has brought to light a significant vulnerability in processor architectures. In the desire to improve performance, memory isolation, which is one of the fundamental security features provided by modern processors, has been compromised. Meltdown and Spectre have shown us how the micro-architectural…

Read More

May 25th, 2017

Here comes GDPR, are you ready?

Today is May 25, 2017 – we are exactly one year away from the implementation of the most stringent privacy regulation ever enacted – the European Union’s General Data Protection Requirements (GDPR)! Are you ready? If you collect data from EU residents or just process…

Read More

Today is May 25, 2017 – we are exactly one year away from the implementation of the most stringent privacy regulation ever enacted – the European Union’s General Data Protection Requirements (GDPR)! Are you ready? If you collect data from EU residents or just process…

Read More

March 17th, 2017

Why Is Homomorphic Encryption Not Ready For Primetime?

First a short lesson in history: In 1978, just a year after the RSA public-key scheme was developed, Rivest et al. published “On Data Banks and Privacy Homomorphisms” to explain how a small loan company (now known as a financial institution) could use a commercial…

Read More

First a short lesson in history: In 1978, just a year after the RSA public-key scheme was developed, Rivest et al. published “On Data Banks and Privacy Homomorphisms” to explain how a small loan company (now known as a financial institution) could use a commercial…

Read More