Instructure confirms a Canvas breach involving user information and messages as hackers claim 275M users and nearly 9,000 schools were affected.
The post Canvas Breach May Put 275M Users, 9,000 Schools at Risk appeared first on TechRepublic.
Beyond the "headline breach," modern enterprises face a persistent threat: steady-state data leakage. Learn why traditional privacy definitions fail and how "authorized" data flows in workplace apps create continuous legal and operational risk.
The post Data Privacy Leaks – The Drip, Drip, Drip of Exposure appeared first on Security Boulevard.
ADT confirmed a data breach exposing customer names, addresses, phone numbers, and partial SSNs, with millions of records reportedly affected.
The post ADT Confirms Major Data Breach Exposing Millions of Names, Partial SSNs appeared first on TechRepublic.
오픈텍스트 애플리케이션 시큐리티 에비에이터(OpenText Application Security Aviator)는 AI 기반 분석 기술을 활용해 개발 과정에서 발생할 수 있는 보안 취약점을 사전에 식별하고, 코드 수정과 보안 대응을 지원하는 애플리케이션 보안 솔루션이다.
이번 교육은 특히 오프라인(Offline) 모드 환경에 초점을 맞춰, 규제 조건이 까다로운 고객사 환경에서도 해당 솔루션을 운영할 수 있는 방안을 제시하는 데 중점을 뒀다. 이를 통해 파트너들이 실제 고객 제안 및 PoC(개념검증)에 활용할 수 있는 역량 확보를 지원했다.
현장에서는 솔루션 소개와 함께 핸즈온(Hands-on) 중심의 실습이 진행됐으며, 참가자들은 프로젝트 기반 취약점 점검부터 AI 기반 정탐·오탐 분류, 코드 수정 시 보안 검증 지원 기능까지 직접 체험했다.
오픈텍스트는 이번 교육을 통해 파트너들이 AI 기반 애플리케이션 보안 기술을 이해하고, 다양한 고객 환경에 적용할 수 있는 역량을 확보하는 데 목적이 있었다고 설명했다.
오픈텍스트 관계자는 “AI 기반 보안은 개발 단계에서부터 적용되는 것이 중요하다”며 “앞으로도 파트너들이 다양한 고객 환경에서 활용 가능한 역량을 갖출 수 있도록 지원을 이어갈 계획”이라고 밝혔다.
dl-ciokorea@foundryco.com
Health data from 500,000 UK Biobank participants was found listed for sale online in China, raising concerns over research access misuse and data security.
The post Health Records of 500,000 UK Biobank Volunteers Listed Online in China appeared first on TechRepublic.
A clothing retailer patched a website flaw that exposed customer data via order links, highlighting risks associated with predictable URL structures.
The post Clothing Retailer Patches Website Flaw Exposing Customer Data appeared first on TechRepublic.
Comcast customers affected by the 2023 breach may qualify for cash, reimbursement, and identity protection under a proposed $117.5 million settlement.
The post Comcast’s $117.5M Breach Settlement: Up to 30M People May Qualify appeared first on TechRepublic.
The post What the 2025 healthcare cybersecurity claims data reveals appeared first on Resilience.
The post What the 2025 healthcare cybersecurity claims data reveals appeared first on Security Boulevard.
File servers remain, but they are no longer central to operations.
They still appear important on paper: legacy project shares with strict permissions, legal drives with structured folders, and network areas where data loss prevention (DLP), classification, and governance controls have been refined over the years. These remain prominent in legacy consoles, which can be reassuring for those familiar with that environment.
However, current workflows have shifted elsewhere.
Product teams now work in shared documents, kanban boards, and temporary comment threads. Engineering focuses on code review platforms and build systems rather than traditional file servers. Sales and customer success teams exchange sensitive information through tickets, chats, and embedded panels. Increasingly, this information is also processed by AI assistants for summarization, translation, or drafting.
If your tools are designed to monitor files on servers or scan cloud storage for similar patterns, they may detect some activity, providing a sense of control. However, these tools still operate under the assumption that data exists solely as files in specific locations.
The business no longer operates this way.
Data security posture management (DSPM) was introduced to address this shift. Early products promised to scan cloud environments, identify sensitive data in object stores and SaaS platforms, and provide a comprehensive map. For teams used to discovering unexpected S3 buckets through breach reports and incidents, this was a welcome solution.
Initially, this approach was effective. Architects could identify critical data locations, compliance teams could incorporate these findings into risk assessments, and CISOs could confidently discuss coverage with audit committees.
However, DSPM began to conflate awareness with control, similar to previous file-centric DLP solutions.
This is evident in many deployments: scans are performed, issues are reported, and some high-profile remediation projects are initiated. However, the focus soon shifts, and operational challenges continue to arise from familiar sources.
This is not due to negligence; it reflects the limitations of a map-only approach. Knowing a cloud store contains sensitive data is helpful, but it does not address how users or AI systems interact with that data.
Both the traditional DSPM and file-centric models are effective at identifying data locations but lack insight into data activity.
Feedback from those closest to the issue highlights these weaknesses.
CISOs value having an inventory, but they are also responsible when incidents occur involving key accounts or critical projects. In these situations, knowing which stores are sensitive is insufficient; they need to determine whether a specific user, tool, or agent interacted with that data in a way that requires regulatory explanation.
Security architects also appreciate data maps, but they recognize that risk ratings across repositories do not identify which ones are most vulnerable to workflow issues. Static risk scores cannot differentiate between stable and dynamic risk environments.
Engineers are tasked with integrating DSPM findings, DLP rules, and inputs from EDR and IAM systems to create a unified solution. When these components are separate products, engineers often serve as the connectors, which becomes problematic if key personnel transition to other teams.
SOC analysts manage the resulting alerts, which often come in separate formats such as file-based actions and DSPM issues. They are expected to correlate these streams manually. When unusual activity occurs, the effectiveness of the response depends on timely cross-referencing of relevant data.
There is extensive mapping, but limited intervention.
A new approach is emerging among teams seeking more effective solutions.
In this approach, DSPM is not eliminated but repositioned. It serves as a valuable source of information about critical data locations, though it is no longer the central focus of data security.
The primary focus shifts to a more direct question:
“Given that we know which stores and datasets are most important, how do we monitor data activity and intervene appropriately without disrupting workflows?”
Addressing this requires two elements that previous models did not prioritize.
The first is continuous data lineage: maintaining a real-time record of how content from critical stores moves throughout the environment. This includes not only files, but also reports, exports, cached copies, chat messages, and AI prompts that originate from these sources.
The second is implementing controls that recognize data lineage. DLP and related policies should consider the origin of content, not just patterns and paths. For example, treating any data derived from a specific dataset as critical when it moves to certain destinations is a more precise approach than simply blocking content based on pattern recognition.
When DSPM, DLP, and data lineage are integrated within a single platform, the system can automatically adjust how high-risk data is managed across endpoints, browsers, collaboration tools, and AI workflows. Analysts benefit from built-in correlations, reducing manual effort.
When these capabilities exist in separate products that only exchange data through exports and webhooks, it increases complexity and workload for those responsible for maintaining system alignment.
This is not a criticism of any specific vendor. File-centric DLP and map-only DSPM were appropriate solutions for their time and addressed genuine industry needs.
However, industry requirements have evolved.
If your unstructured data security strategy continues to prioritize file servers or static cloud inventories, you will remain unprepared for incidents that occur outside the scope of these tools.
Alternatively, by using a DSPM, that is integrated with DLP that uses data lineage, you gain the ability to detect and respond to potential data exfiltration before it is too late.
About the Author: Franklin Nguyen is a product marketing leader in AI and data security at Cyberhaven. With prior roles spanning Tenable, Zscaler, VMware, and IBM, he brings experience across cloud infrastructure, hyperscalers, and modern security platforms, helping organizations navigate the evolving challenges of protecting data in AI- and cloud-driven environments. Based in the San Francisco Bay Area, Franklin also leads the AI & Data Security Collective, a community of security leaders focused on advancing best practices, collaboration, and innovation in AI and data security.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, File Servers)
Europe’s plan to build sovereign search infrastructure highlights a growing security concern: dependence on foreign platforms for access to information and AI knowledge may represent a systemic vulnerability.
The post Europe’s Sovereign Search Plan is Really a Security Strategy appeared first on Security Boulevard.
Entrar