Blogs

Our personal and professional lives are reliant on technology. But the sensitive data we share and store online is more vulnerable to cyberthreats than ever before. From credit card numbers and medical records to private messages and intellectual property, encrypting data is essential to safeguard our information from prying eyes and unauthorized access. Without encryption, we risk exposing our most valuable assets to malicious actors who seek to exploit our online vulnerabilities.

Since returning from RSA Conference 2023, I've collected my thoughts from the massive sensory input that comes from this four-day, 625-vendor, 700-speaker cybersecurity conference. Upwards of 45,000 people attended this year's RSA Conference—a massive increase over last year's 26,000 attendees.

Taking inspiration from the words of Helen Keller, "Alone we can do so little; together we can do so much," the theme for RSA Conference 2023 is "Stronger Together."

New tools are proliferating to secure data wherever it lives. Six data security trends—ranging from AI washing to new data security platforms—are in the forefront for 2023.

Identity's place in the attack chain is driving the shift of identity responsibility from IT operations teams to security teams to look into passwordless, digital IDs, platforms, and more.

Encryption is a foundational element of cybersecurity. Organizations should implement encryption to counter the ever-growing threat of data breaches.

Two recent high-profile breaches—Intercontinental Hotels Group and Uber—demonstrate the criticality of securing your identities. Both of these attacks started with a social engineering attack. One started with traditional business email compromise (BEC), and the other started with MFA push bombing. The next stage of both attacks compromised the password/secrets vault.

There are many different cybersecurity categories, and it seems that a new category is created every minute. If you're paying attention to cloud security, you may have seen or heard about DSPM—data security posture management. 

As ransomware actors have gained in experience and sophistication, they've adopted new tactics. Before encrypting your data, they exfiltrate it. This way, they can make you pay twice--first for an encryption key, and second, an extortion fee to prevent the attacker from publishing your sensitive data.

Data security encompasses the principles and practice of ensuring legitimate access and preventing unauthorized access to data to preserve the cybersecurity triad of confidentiality, integrity, and access (CIA). A data security platform that enables you to discover, classify, and protect your sensitive data can stop a ransomware attacker from data exfiltration and limit your exposure to extortion.

Easy-to-remember passwords are easy to crack. Strong passwords are hard to remember,
leading to password reuse and the risk of password compromise that causes multiple account takeovers. Passwords are risky business.

Multifactor authentication (MFA) is a way to combat the inherent weaknesses of passwords. Yet MFA is also susceptible to compromise. Passwordless authentication based on the FIDO standards and public key encryption is the new archetype for authentication, and is phishing- and compromise-resistant.