Randall Munroe’s XKCD ‘Trimix’
via the comic humor & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Trimix’ appeared first on Security Boulevard.
The post Sanitizing Unstructured Data In Motion—and Why It’s Important appeared first on Votiro.
The post Sanitizing Unstructured Data In Motion—and Why It’s Important appeared first on Security Boulevard.
Around the year 1900, an author (Rudyard Kipling) wrote a poem called “The Elephant’s Child.” In it, he writes: “I keep six honest serving men / They taught me all I knew / Their names are What and Why and When / And How and Where and Who.” Little did Kipling know that these six friends would someday […]
The post Six Friends Every Security Team Needs appeared first on Security Boulevard.
Microsoft is suing 10 unknown people involved in a sophisticated scheme to exploit users' credentials to access the vendor's Azure OpenAI AI services, bypass security guardrails, and post harmful images using its cloud systems.
The post Microsoft Sues Group for Creating Tools to Bypass Azure AI Security appeared first on Security Boulevard.
Commvault today added an ability to automatically recover the instances of Microsoft Active Directory (AD) that have become primary targets of cybersecurity attacks.
The post Commvault Adds Ability to Recover Entire Instances of Active Directory appeared first on Security Boulevard.
In this episode, host Peter dives into the challenges of the tech job market in 2023 and 2024 and introduces us to Julia, a dynamic writer and content strategist with a fascinating background in computational cognitive neuroscience. Julia shares insights on: The art of connecting products and services with customers in meaningful ways. A unique […]
The post Reemployment Project: Meet Julia High appeared first on Security Boulevard.
CISA in two years has seen the number of critical infrastructure organizations signing up for its CPG services double, which has improved the overall security in most sectors, but more needs to be done to strengthen what has become a target of adversarial state-sponsored threat groups.
The post Critical Infrastructure Seeing Benefits of Government Program, CISA Says appeared first on Security Boulevard.
Explore key trends in the BSIMM15 report, such as securing AI and the software supply chain, plus recommendations for enhancing your software security program.
The post BSIMM15: New focus on securing AI and the software supply chain appeared first on Blog.
The post BSIMM15: New focus on securing AI and the software supply chain appeared first on Security Boulevard.
On January 7, we published a press release to share our five predictions for cybersecurity in 2025. Over the next few weeks, we’ll publish a blog series that provides additional commentary on each prediction. This is the second blog in the series. Check out the first and second blogs here. Prediction Key Takeaways: We […]
The post 2025 Prediction 3: Digital Security Will Expand Beyond Privacy Concerns To Include Holistic, Integrated Cyber and Physical Protection appeared first on BlackCloak | Protect Your Digital Life™.
The post 2025 Prediction 3: Digital Security Will Expand Beyond Privacy Concerns To Include Holistic, Integrated Cyber and Physical Protection appeared first on Security Boulevard.
Nisos
The Insider Threat Digital Recruitment Marketplace
Nisos routinely monitors mainstream and alternative social media platforms, as well as cloud-based messaging applications and dark web forums...
The post The Insider Threat Digital Recruitment Marketplace appeared first on Nisos by Nisos
The post The Insider Threat Digital Recruitment Marketplace appeared first on Security Boulevard.
In this article, we touch on the trends and predictions that will shape cloud security in 2025 and beyond.
The post Future-Proofing Cloud Security: Trends and Predictions for 2025 and Beyond appeared first on Security Boulevard.
Fifteen Best Practices to Navigate the Data Sovereignty Waters
josh.pearson@t…
Tue, 01/14/2025 - 08:04
Data sovereignty—the idea that data is subject to the laws and regulations of the country it is collected or stored in—is a fundamental consideration for businesses attempting to balance harnessing the power of data analytics, ensuring compliance with increasingly stringent regulations, and protecting the privacy of their users.
At Thales, we believe that data sovereignty doesn’t obstruct innovation; it enables it. With the right tools and expertise, businesses can navigate the murky waters of data sovereignty, taking advantage of data’s huge potential while securely processing and storing data wherever it is. So, to help you along the way, here are our 15 best practices for navigating the data sovereignty waters.
360-degree Data Protection Mechanism
Navigating data sovereignty requires comprehensive data security and resilience, which 360-degree data protection mechanisms provide. A 360-degree data protection mechanism is a holistic approach to data security encompassing all data management aspects. It ensures that data is protected throughout its lifecycle, from creation to deletion, across all environments—on-premises, cloud, hybrid, and multi-cloud.
Automation in Security Management
Organizations often use multiple cloud environments to meet data sovereignty requirements. This approach provides geographic flexibility, helping to ensure compliance with local regulations in various regions. Similarly, some jurisdictions may require a different cloud environment from others.
However, achieving scalability and adequate security across multiple cloud services can take time and effort. The more cloud environments an organization has, the more work a security team must do to secure them. By automating security tasks and processes, organizations allow security teams to secure multiple cloud environments while minimizing manual effort.
Data Classification
Data classification and governance ensure compliance with data sovereignty by categorizing data based on sensitivity and applying appropriate security measures. They enforce localized data storage, automated compliance, and consistent security controls, facilitate auditing and regulatory reporting, and manage cross-border data transfers to adhere to local and international laws.
Transparency and Control Over Data
Transparency and control over data are crucial for data sovereignty as they ensure organizations can track, manage, and secure data in compliance with local laws. This visibility helps maintain regulatory compliance, enforce data localization policies, and swiftly address security issues, safeguarding sensitive information within jurisdictional boundaries.
Understand the Nature of Data in Cloud Migration
As noted, to meet data sovereignty requirements, organizations will often have to set up cloud data centers in multiple jurisdictions and, as such, carry out cloud migration. Understanding the nature of data in cloud migration is crucial for successful cloud migration and handling of sensitive information. It ensures appropriate security measures, compliance with regulatory requirements, and effective data management strategies, preventing data breaches and maintaining data integrity during the transition to the cloud environment.
Robust Data Management and Governance
Robust data management and governance are critical parts of any data protection legislation. To implement robust data management and governance, organizations should establish clear policies and procedures for data classification, access control, and lifecycle management, use automated tools for monitoring, auditing, and enforcing compliance, and regularly update policies to reflect regulatory changes and ensure consistent data protection across all systems and environments.
Robust Encryption Strategies and Pseudonymization
Robust encryption strategies and pseudonymization are crucial for protecting sensitive data and meeting data sovereignty requirements. Encryption ensures data is securely stored and transmitted, safeguarding it from unauthorized access or breaches. Pseudonymization further anonymizes data, reducing the risk of identification if data is compromised. These measures protect sensitive information and help organizations comply with data residency laws by ensuring data is stored and processed within required geographic boundaries.
Effective Key Management to Map Data Sensitivity
However, poor key management can render even the most robust encryption algorithms ineffective. Effective key management is foundational to data sovereignty: while cryptographic algorithms are public, the associated keys must remain secret. Critical management practices such as classification, key assignment, access controls, rotation and revocation, and auditing and monitoring ensure that sensitive data is protected according to its level of sensitivity.
Crypto Agility and Quantum-Resistant Algorithms Awareness
Crypto agility and awareness of quantum-resistant algorithms are crucial for preparing organizations for future technological shifts and ensuring long-term data security.
Crypto agility enables organizations to adopt and integrate new cryptographic standards and algorithms as they evolve. This flexibility ensures that data remains protected against emerging threats and vulnerabilities.
With quantum computing advancements threatening current encryption methods, awareness and adoption of quantum-resistant algorithms are essential. These algorithms are designed to withstand attacks from quantum computers, safeguarding data integrity and confidentiality in the future.
Backup and Disaster Recovery Strategies
All data protection regulations will require organizations to have backup and disaster recovery strategies to be resilient against security incidents such as ransomware attacks.
Zero Trust Network Access (ZTNA)
ZTNA ensures that only necessary and authenticated individuals and machines can access a network, thus preventing unauthorized access and potential data breaches. Most jurisdictions require ZTNA in their data protection regulations.
Digital Identity and Access Management
Similarly, digital identity and access management (IAM) is crucial for data sovereignty and security, as it ensures that only authorized users access sensitive data. IAM, particularly in zero-trust models, verifies identities and enforces least privilege access, preventing unauthorized access across cloud environments and safeguarding data integrity and compliance with regulatory requirements.
Regular Audits and Compliance Checks
Regular audits and compliance checks ensure the effectiveness of data protection and control strategies over time while confirming compliance with different jurisdictions’ data protection regulations.
Keep Abreast with Emerging Technologies
Technologies for cybersecurity defenders and attackers are evolving at an unprecedented speed. To keep up with data sovereignty, it’s crucial to be aware of developments on either side of the battle. By doing so, organizations can adapt to new challenges and ensure up-to-date security measures.
Data Residency Awareness in Different Jurisdictions
Most importantly, it’s crucial to understand data protection laws in different jurisdictions. By practicing data residency awareness, organizations ensure they store and process data according to local laws, respect privacy rights, and prevent legal violations. This awareness helps organizations navigate complex regulatory landscapes and avoid penalties related to data sovereignty and privacy breaches.
Transforming data sovereignty from a risk to an opportunity
Implementing the above best practices using this checklist will help organizations navigate data sovereignty’s murky waters. New data protection regulations are coming thick and fast, particularly in the US, so there’s no better time to get on top of your data sovereignty requirements.
For more information on data sovereignty, how it will affect businesses, and how to thrive in the digital economy while upholding the highest standards of data security and privacy, check out the 2024 Thales Data Security Directions Council Report, Data Sovereignty: Who Owns Your Data and Can You Control It?
The post Fifteen Best Practices to Navigate the Data Sovereignty Waters appeared first on Security Boulevard.
CISOs must take advantage by making the most of their limited time with effective and informative messaging.
The post Conveying Your Security Needs to the Board in Six Minutes or Less appeared first on Security Boulevard.
Web-based attacks are becoming increasingly sophisticated, and payment parameter tampering stands out as a silent yet potent threat. This attack involves manipulating parameters exchanged between the client and server to alter sensitive application data, such as user credentials, permissions, product prices, or quantities. The data targeted in parameter tampering is typically stored in cookies, hidden […]
The post What is Payment Parameter Tampering And How to Prevent It? appeared first on Kratikal Blogs.
The post What is Payment Parameter Tampering And How to Prevent It? appeared first on Security Boulevard.
Discover how Grip complements SSPM tools by uncovering shadow SaaS, and addressing identity risks, providing comprehensive SaaS security for your organization.
The post Grip vs SSPM: What’s the Difference? | Grip Security appeared first on Security Boulevard.
Discover how Grip complements CASBs by reducing alert noise, uncovering shadow SaaS, and providing identity-based insights for comprehensive SaaS security.
The post Grip vs CASB: What’s the Difference? appeared first on Security Boulevard.
From dynamic workloads to API-driven systems, managing non-human identities requires a new approach to security at scale.
The post Why Scalability Matters in Non-Human Identity and Access Management appeared first on Aembit.
The post Why Scalability Matters in Non-Human Identity and Access Management appeared first on Security Boulevard.
The new rules come in the wake of the Change Healthcare breach, which exposed the electronic personal health information of about 100 million Americans.
The post HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach appeared first on Security Boulevard.
A new ransomware group called FunkSec claimed 85 victims in December but its members appear to be lesser-skilled hackers using generative AI and inflated attack numbers to bolster their capabilities and reputation, according to Check Point researchers.
The post FunkSec: A New Ransomware Group Buoyed by AI appeared first on Security Boulevard.
Have you ever had your lunch interrupted by a sudden barrage of security alerts? That’s exactly what happened to one of our clients when a frantic call from their Security Operations Center revealed a flood of suspicious emails. The culprit? A brand-new cyberattack mimicking the notorious Black Basta group’s latest technique—and it hit with lightning […]
The post Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics first appeared on SlashNext.
The post Inside a 90-Minute Attack: Breaking Ground with All-New AI Defeating Black Basta Tactics appeared first on Security Boulevard.