#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News

Data Protection | Breaking Cybersecurity News | The Hacker News

Category — Data Protection
Zero Trust Security, Why It's Essential In Today's Threat Landscape

Zero Trust Security, Why It's Essential In Today's Threat Landscape

Jan 16, 2025
Coined in 2010 by Forrester Research , the term "zero trust" has long been hijacked by security vendors eager to take advantage of the hype that surrounds the concept. Today, it's so overused and misused that many see it as a meaningless buzzword—but that's far from the truth. In fact, its widespread misappropriation demonstrates the power of zero trust security. Why else would countless vendors try to capitalize on it? As they say, imitation is the sincerest form of flattery. Zero trust is not a mere label. Rather, zero trust is an architecture—though you'll also hear of a zero trust methodology, framework, paradigm, and infrastructure—and it's based on the idea of zero implicit trust, meaning no one should be trusted by default. The key zero trust principle of least-privileged access says a user should be given access only to a specific IT resource the user is authorized to access, at the moment that user needs it, and nothing more. Hence the zero trust maxim,...
State of SaaS Security Report: Bold Moves Required to Secure SaaS in 2024 and Beyond

State of SaaS Security Report: Bold Moves Required to Secure SaaS in 2024 and Beyond

Nov 12, 2024
The rapid adoption of SaaS solutions, accelerated by trends such as remote work, cloud computing, big data, and Generative AI (GenAI) has brought significant benefits to organizations. However, this transformation also introduces new attack surfaces and unique challenges for security teams, who must now consider how they can secure the intricate web of SaaS usage across their organization.  Today, the SaaS security landscape is characterized by several key themes and issues: Credential Theft and Stuffing: This trend is fueled by dark web marketplaces where breached credentials are bought, sold, and traded, making it easy for attackers to carry out credential stuffing attacks. Shadow SaaS: The explosion of unauthorized SaaS apps has led to a rise in employees inadvertently exposing sensitive data. Trial or demo accounts are a main source of shadow SaaS.  SaaS Sprawl: In 2023, the average number of SaaS apps used by a business reached 473. Our numbers indicate an increase ...
Security Operations for Non-Human Identities

Security Operations for Non-Human Identities

Sept 28, 2024
Non-Human Identities (NHIs) are an emerging focus for Security Operations Centers (SOCs) in the age of automation and autonomous tooling. With many of the most recent cyber-attacks focused on compromising NHIs such as secrets, machine identities, and OAuth tokens, securing NHIs has become a forefront concern when protecting confidential information and other digital assets. The Problem Findings from recent research from Entro Labs indicate NHIs outnumber human identities in modern enterprises by over 92:1, requiring more extensive visibility and investigation throughout the enterprise to secure than ever before. The rapid proliferation of Non-Human Identities throughout modern enterprises has standardized security exposure as a de-facto practice of most organizations - While Identity Access Management (IAM) tools and Identity Governance and Administration (IGA) processes safeguard human identities and manage their lifecycles (onboarding, offboarding, role changes, etc…), NHI mana...
The Microsoft 365 Backup Game Just Changed: Ransomware Recovery Revolutionized

The Microsoft 365 Backup Game Just Changed: Ransomware Recovery Revolutionized

Sept 19, 2024
In today's hyper-connected digital world, the importance of robust data protection is undeniable. For businesses of all sizes, the need to safeguard critical information has moved from a secondary IT concern to a boardroom-level issue. This heightened urgency is driven by the increasing frequency and complexity of cyberattacks, particularly ransomware, which have the potential to cripple operations, cause catastrophic financial losses, and in some cases, irreparably damage a company's reputation. Ransomware attacks are no longer isolated incidents affecting just a handful of organizations. They have evolved into sophisticated, organized, and relentless operations targeting businesses of every scale and across every industry. With the rise in these attacks, the need for an effective ransomware recovery strategy has become one of the most pressing issues in data protection — and central to this conversation is Microsoft 365, which plays a pivotal role in the day-to-day operations of mi...
How Confident Are You That Your Critical SaaS Applications Are Secure? 

How Confident Are You That Your Critical SaaS Applications Are Secure? 

Sept 01, 2024
Software-as-a-service (SaaS) applications have become the backbone of many modern businesses. With the myriad of functionalities they offer, they maximize collaboration, agility, scalability, and ultimately, profits. So it's no wonder that companies rely on an incredible hundreds of apps today, up from dozens just a few years ago. But this rapid adoption has introduced brand-new vulnerabilities and elusive blind spots. 2024 saw many attacks originating from SaaS apps including those perpetrated by nation states . And the headlines about SaaS app attacks seem to be getting more ominous if that is even possible. The culprits behind the attacks come from outsiders, insiders, third parties, and even unintentional human errors or negligence. The need to address this snowballing trend has reached a critical point. Given the scale and speed of app development and adoption, we are creating a larger attack surface for increasingly capable adversaries every day. In such a high-stakes environm...
Achieving Data Resilience in Microsoft 365

Achieving Data Resilience in Microsoft 365

Sept 01, 2024
In our current tech landscape, dealing with cybersecurity incidents like ransomware and other disasters is unavoidable. To keep your business running, you need to be able to take disruptions and cyberattacks in stride. This means being able to not just bounce back from an outage or data loss situation — but bounce forward each time. This is at the heart of data resilience. Read on to learn more about how to keep your organization moving forward, no matter what comes your way. Stay Ahead of the Curve As cybersecurity threats and ransomware attacks continue to increase and evolve, it's critical that you stay ahead of the curve when it comes to keeping up with cybersecurity trends. Cyber threats are evolving quickly into more sinister and dangerous variants, and they won't wait for your defenses to catch up. Some of the top cybersecurity and data protection trends this year include using zero trust principles like multi-factor authentication (MFA) systems, passkeys, and password-less...
Best Practices for Integrating ZTNA with Existing Security Infrastructure

Best Practices for Integrating ZTNA with Existing Security Infrastructure

Aug 15, 2024
Many organizations might not find it easy to integrate existing security infrastructure with zero-trust network access (ZTNA) solutions. At first glance, ZTNA bolsters the safety and flexibility of having a distributed staff. However, implementing such systems can be challenging as they may clash with older systems and existing security protocols. To begin with, security teams need to take into account the current architecture, potential friction points, and how user experience should be seamless when integrating ZTNA. Thankfully, there are rising tools and methodologies that make this process less complicated in order for companies to gain all the advantages of ZTNA without compromising their present state of security. To help you through this process smoothly without compromising your cybersecurity strategy, here are some best practices on how you can successfully implement ZTNA using your existing security infrastructure. Why should businesses implement ZTNA? Organizations cont...
How to Modernize Your Microsoft 365 Data Protection Strategy to Ensure Business Continuity

How to Modernize Your Microsoft 365 Data Protection Strategy to Ensure Business Continuity

Aug 15, 2024
Safeguarding the sensitive information within your Microsoft 365 environment is more important than ever. From accidental deletion and ransomware attacks to costly compliance failures, the consequences of inadequate data protection can be severe. It's important to understand the Shared Responsibility Model. The Model explains that Microsoft secures and ensures the uptime of its infrastructure, while you're ultimately responsible for correctly configuring settings, protecting against accidental data loss, and ensuring compliance with relevant regulations. Microsoft 365 provides powerful services, but a comprehensive backup of your data is not included in a standard Microsoft 365 license. Having an effective data protection strategy and comprehensive data backups are your best defense against these invisible dangers. In today's digital era, the necessity of modernizing data protection solutions cannot be overstated. The 2024 Data Protection Trends Report revealed that 75% of org...
Cybersecurity Resources