GDPR – One Year Later…
The penalty for failure to comply with the General Data Protection Regulation (GDPR) is up to $22 million or 4% of annual global turnover (whichever is greater). By now most organizations around the globe know that regardless of where they are based, this regulation affects them if they are doing business with EU citizens. Aside from having a responsibility to properly handling personal data, that amount of money can really hurt your business. For example, under the Data Protection Act o…
Database Security Best Practices – Simple & Worthwhile Concepts – Part IV
Database security is a hot topic these days, especially with
all the new and seemingly never-ending security compliance requirements being
imposed such as GDPR. This means that organizations and their DBAs must step up
their game when it comes to database security. Some DBAs may think these new
requirements apply only to production but depending on the situation DBAs may
well need to apply stricter security across the board – including development
and all test databases (e.g. unit testing, st…
What is the NYDFS Cybersecurity Regulation?
The New York Department of Financial Services released the NYDFS Cybersecurity Regulation (23 NYCRR 500) in 2017, a set of regulations that place cybersecurity requirements on all DFS regulated entities. This regulation was put into effect at a time where cybersecurity threats are growing, with players coming from nation-states such as Russia, to independent criminal actors, or even terrorist organizations. The goal of this regulation is to not only protect customer information but to also pr…
Database Security Best Practices – Simple & Worthwhile Concepts – Part III
Database security is a hot topic these days, especially with all the new and seemingly never-ending security compliance requirements being imposed such as GDPR. This means that organizations and their DBAs must step up their game when it comes to database security. Some DBAs may think these new requirements apply only to production but depending on the situation DBAs may well need to apply stricter security across the board – including development and all test databases (e.g. unit testing, st…
2019 Verizon DBIR Key Findings
Two Trends and Themes Worth Thinking About
Why do we all get so excited about the Verizon Data Breach Investigations Report (DBIR) every year? For me, it’s not just the subject matter. It’s mostly the snarky tone and the pop-culture references. Call it what you will, but the injection of humor into an otherwise serious set of findings of our seemingly collective ineptitude makes it at least palatable to read and thus easier to digest.
Seriously though, while it’s not all bad, the datase…
Database Security Best Practices – Simple & Worthwhile Concepts – Part II
Database security is a hot topic these days, especially with all the new and seemingly never-ending security compliance requirements being imposed such as GDPR. This means that organizations and their DBAs must step up their game when it comes to database security. Some DBAs may think these new requirements apply only to production but depending on the situation DBAs may well need to apply stricter security across the board – including development and all test databases (e.g. unit testing, st…
What is APRA’s CPS 234? Part 2
This is our second part of a two-part series regarding APRA’s new prudential standard of CPS 234 and how this can potentially impact an organisation.
Part 1 focused primarily on the background of the CPS 234 and the beginning of the controls necessary to put in place to begin getting ready. Today we are going to talk about the additional steps necessary around risk management and some of the best practices to assist with that risk management in regards to data within an organisation.
H…
Database Security Best Practices – Simple & Worthwhile Concepts – Part I
Database security is a hot topic these days, especially with all the new and seemingly never-ending security compliance requirements being imposed such as GDPR. This means that organizations and their DBAs must step up their game when it comes to database security. Some DBAs may think these new requirements apply only to production but depending on the situation DBAs may well need to apply stricter security across the board – including development and all test databases (e.g. unit testing, st…
What is APRA’s CPS 234? Part 1
If you are located in Australia or do business in Australia,
you may be an Australian Prudential Regulation Authority (APRA) regulated
entity. If you are unsure, take a trip to APRA’s website and see whether it’s
applicable to you or not.
For the sake of this blog let’s say you are regulated or are just interested in what it means if you are. In that case, you may be subject to the new prudential standard of CPS 234.
So, What Actually is CPS 234?
CPS 234 is a prudential standard tha…
How to Implement Stealthbits Access Library Connectors
With the advent of the Stealthbits Access Library, today we are going to have a quick Protip in the form of how to best implement these connectors and what the little “gotchas” might actually be.
Obtaining Access Library Connectors
First, let’s talk about getting the modules downloaded
correctly.
On the Stealthbits homepage, there is a “LOGIN” option in the upper-right of the screen:
Make sure to login with the credentials provided to you by Stealthbits! If you don’t have any …
