A special thank you to the OpenText team for hosting LFG at their Security Summit event in Chicago this week! It was a first-class, well-attended event with great content on how we should be leveraging AI for threat intelligence and building for cyber resilience. We're excited about the partnership! 🐐
LFG Security Consulting’s Post
-
Great perspective on the recent Snowflake incident and the benefits of Field Level Encryption from Kevin Hamilton!
Thoughts on the recent Snowflake incident and data encryption. According to Mandiant Security, a financially motivated threat actor compromised hundreds of Snowflake instances using customer credentials stolen via infostealer malware that infected non-Snowflake owned systems. While it may take some time to fully measure the financial costs associated with this incident for both Snowflake and its customers, I think it's fair to say the impact will be significant to both the wallet and the reputation of the impacted companies. It is my belief that the use of Field Level Encryption and Multifactor Authentication would have prevented the recent Snowflake issues, because the data would not have been readable or usable to the bad actors. In my opinion, Field Level Encryption is far superior to TDE and other types of database native encryption, because it is not vulnerable to credential compromise. Typically with TDE and other database native encryption technology, if a bad actor obtains inappropriate access to a database, they are able to access and read all of the sensitive data. If they are then able to exfiltrate the data, it results in a data breach. This was the case with the Snowflake incident. With Field Level Encryption, even if data is exfiltrated from the database, the data is still scrambled and unusable in its current format. This makes TDE and other database level encryption vulnerable to phishing, some man-in-the-middle attacks and the like. If a database administrator clicks on the wrong email, and gets his or her credentials compromised, in most cases database native encryption does not safeguard against that. Additionally, when Field Level Encryption is combined with Format Preserving Encryption schemes, the data can be used for its intended purpose without ever having to decrypt the data in most cases. 
This ability to use the data without decrypting it makes Field Level Encryption far more secure than other encryption technologies that require a decrypt cycle every time the data is accessed. Having been responsible for one of the largest private sector field level encryption projects in world history, including integrating FLE with Snowflake before this incident occurred, I can personally attest to the power of this type of data protection. For institutions that store highly sensitive data such as credit cards, bank account numbers, social security numbers, driver's licenses, etc., a roadmap to Field Level Encryption should be a consideration to protect an organization's data, brand and reputation. #snowflake #databreach #encryption #cybersecurity #dataprotection #ciso #fieldlevelencryption #lfgsecurity #datasecurity #pci #ffiec #fba #payments #banking #creditcards #hipaa #deputyciso #informationsecurity #infosec #database #productsecurity #cloudsecurity
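The property the post describes, as an added example that is not part of the original post or any vendor's code: card numbers are protected field by field before they reach the database, so a session with stolen database credentials reads only same-format ciphertext, while the application can still do an equality lookup without decrypting. The cipher is a toy Feistel construction built on HMAC-SHA256 for illustration, not a standardized format-preserving mode; the key, table, column names and card numbers are constructed, and the key is assumed to live with the application, outside the database.

```python
import hashlib
import hmac
import sqlite3

ROUNDS = 10  # even, so both halves end at their original widths

def _prf(key, rnd, half, width):
    """Round function: HMAC-SHA256 over (round, half), reduced to `width` digits."""
    mac = hmac.new(key, f"{rnd}:{half}".encode(), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % 10 ** width

def _split(digits):
    if not (digits.isascii() and digits.isdigit() and len(digits) >= 6):
        raise ValueError("expected at least 6 ASCII digits")
    u = len(digits) // 2
    return digits[:u], digits[u:], u, len(digits) - u

def fpe_encrypt(key, digits):
    """Toy Feistel network over decimal strings: digits in, same count of digits out."""
    a, b, u, v = _split(digits)
    for i in range(ROUNDS):
        m = u if i % 2 == 0 else v
        a, b = b, str((int(a) + _prf(key, i, b, m)) % 10 ** m).zfill(m)
    return a + b

def fpe_decrypt(key, digits):
    """Inverse of fpe_encrypt: run the rounds backwards, subtracting the PRF output."""
    a, b, u, v = _split(digits)
    for i in reversed(range(ROUNDS)):
        m = u if i % 2 == 0 else v
        a, b = str((int(b) - _prf(key, i, a, m)) % 10 ** m).zfill(m), a
    return a + b

def demo():
    key = b"constructed-demo-key"  # assumption: held by the application, never in the database
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE cards (customer TEXT, pan TEXT)")
    rows = [("alice", "4111111111111111"), ("bob", "5500005555555559")]  # constructed numbers
    db.executemany("INSERT INTO cards VALUES (?, ?)",
                   [(name, fpe_encrypt(key, pan)) for name, pan in rows])
    # What a session using stolen database credentials can read: protected values only.
    stolen = [r[0] for r in db.execute("SELECT pan FROM cards ORDER BY customer")]
    # Lookup without a decrypt cycle: protect the search value and compare ciphertexts.
    probe = fpe_encrypt(key, "4111111111111111")
    hit = db.execute("SELECT customer FROM cards WHERE pan = ?", (probe,)).fetchone()[0]
    return stolen, hit

if __name__ == "__main__":
    print(demo())
```

The ciphertext lookup works because the protection is deterministic, which also means equal plaintexts produce equal ciphertexts. A deployment would use a standardized mode such as FF1 from NIST SP 800-38G in place of this toy construction.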
-
Enhance your company's security posture by understanding key supply chain risks. Take proactive steps to safeguard your operations now. 🔒 Find out more here: https://wix.to/FctEfFp #SupplyChainStrategy #SecurityRecommendations #SafeBusiness
-
Proactively safeguard your supply chain against evolving security threats. Discover strategies to mitigate risks and ensure continuity in your operations: https://wix.to/x9fEhun #SupplyChainRisk #SecureOperations #LFG🐐
-
As the CMMC 2.0 framework gains momentum beyond the DoD, it's becoming essential for safeguarding national security data. Stay ahead of the curve and explore the benefits of adopting these cybersecurity practices today. Click here: https://wix.to/5RTqXJo #DataProtection #Security #BestPractices 🔐
-
Discover the importance of a comprehensive risk assessment in maximizing your cyber insurance ROI. 🛡️ https://wix.to/P3tP9qA #SecurityStrategy #ITRisk #cyberinsurance #LFG
-
We're excited to announce the release of our co-authored ebook with Databricks, "Securing the Next Generation Customer Experience" in Retail! This ebook dives into the inherent security benefits of the Databricks Lakehouse Platform and explores other crucial areas for retailers to consider when safeguarding sensitive customer data. #privacy #security #nextgencx #LFGsecurity
With more and more organizations leveraging #databricks to enable personalized customer experiences, it's important we understand the protections built into the platform that help ensure customer data is private and secure. To that end, Andrew Weaver and I partnered with LFG Security Consulting, a security and privacy firm engaged with some of North America's leading retail organizations, to develop this guide to the key questions organizations should explore when housing customer data on ANY platform and how Databricks addresses these. We welcome everyone interested in how best to protect their customer data to explore this guide and to reach out to their Databricks representative to understand why so many organizations trust our platform with their most sensitive information assets. #privacy #security #nextgencx https://lnkd.in/gGCGfEXD
Securing the Next-Generation Customer Experience
databricks.com
-
Discover the importance of cybersecurity model maturity assessments and how they benefit corporate security teams. 🔒 Learn about the various frameworks available and why a consolidated approach can streamline your security strategy. Find out more at https://wix.to/OHrIRc0 #Cybersecurity #SecurityFramework #RiskAssessment #LFGSecurityConsulting🐐
-
Don't compromise on data security! With LFG's expert guidance, you can strengthen your data lakehouse defenses effectively. 💪 Discover more at https://wix.to/5XkQcHy today! #SecureData #LFGSecurity #DataDefense
-
Trying to keep up with all the state-level privacy laws? LFG is here to help with a summary and logical approach! https://wix.to/zutyBJv #newblogpost
Navigating the US Privacy Patchwork: A Guide for Businesses
lfgsecurity.com