VMworld 2018 started off with a lot of fanfare. VMware CEO Pat Gelsinger kicked the conference off with some mind-boggling statistics: With more than 7,500 customers, VMware NSX has achieved a substantial market leadership position in the software-defined network category – ten times larger than its closest customer. Additionally, VMware’s vSAN software, which is a…
What is the California Data Breach Notification Law (AB 375)? The threat of data breaches in the United States continues to rise, along with the potential impact on the lives of the average consumer. The state of California has led most states in enacting legislation to protect consumers from identity theft, and in fact became…
What is Foreshadow, and How Can You Overcome this Vulnerability? Earlier this month it was revealed that another vulnerability – the fourth – was discovered in Intel’s x86 chip architecture. Researchers in Belgium originally alerted Intel to this flaw, initially dubbed Foreshadow NG. Intel subsequently discovered an additional Foreshadow flaw in January 2018 but did…
Are you attending VMworld 2018? If you’re attending VMworld 2018 and trying to weed through the 600+ sessions to decide what to attend it can be daunting. You only have a limited about of time to get the information you need. To help, we’ve compiled the top seven presentations for anyone interested in application…
As the liability associated with data breaches is rolling “downhill” to smaller companies and vendors that provide other business services, the need for cyber insurance is becoming more important. However, paying attention to the details is crucial to understanding what kind of insurance an organization requires and under what circumstances reimbursement is declined. In a…
Understanding the FTC’s Role in the investigation and enforcement of cyber attacks In a previous blog, we discussed the FTC and its role in enforcing various data privacy policies. In this article, we’ll take a closer look at how it developed into the main cyber enforcement body, how it assesses liability, and a sample of…
There are always interesting and insightful presentations at the RSA security conference, and this year was no exception. However, there was one session that really captured our attention: “Cybersecurity and Data Breaches from a Business Lawyer’s Perspective.” This was presented by Kathy Winger, a practicing business attorney who provides guidance on data privacy laws and…
In previous articles we’ve talked about the need and challenges associated with securing DevOps environments. It’s a complex topic. At the root of the matter is the fact that it has to do with the overlap of the three main functions in any organization: Application developers (Dev) who must quickly develop and iterate applications designed…
In the story of the Emperor’s New Clothes, the emperor parades before his subjects in his new “clothes,” yet no one dares to say that they do not see any suit of clothes on him for fear that they will seem “unwise.” There’s a parallel in the security world today. Threat hunting for the purposes…
In prior blogs, we discussed the rise of data privacy regulations across all industries and how it has been challenging for organizations to stay on top of the varying and conflicting requirements. In this blog, we take a look at New York’s law – 23 NYCRR 500 – that has a high impact on the…