Peacemakr
Blog

T-Mobile Hack 2021—What Hard Lessons Must We Learn?

T-Mobile was hacked again and, as is usual for data breaches, big numbers are used by the media to convey the attack’s impact—47.8 million is the official figure of how many accounts were breached. The stolen data included SSNs, first and last names, date of birth, driver’s license numbers, ID information, telephone numbers, and IMEI and IMSI numbers—unique numbers tied to each device and subscriber.

When Is the Right Time for a Startup to Take Data Security Seriously?

The age-old battle of democratic governments wanting to open backdoors in software is enough to make any startup CIO go bald from pulling their hair out.

The Human Impact of Data Breaches

The world is limping from the relentless onslaught of cyberattacks which continue to grow more sophisticated. And 2021 was the year when eyes really opened up to the immediate human dangers of compromised systems...

The Cybersecurity Paradigm Is Broken. Here's How to Fix It.

The international cybersecurity problem has reached the point of travesty. From backdoors left open or even actively created by the NSA, leading to the “most devastating cyberattack in history;” to extorting bitcoin payments from mentally ill patients in the latest healthcare breach; to years of stolen data from SolarWinds; and, finally, the shutting down of a major US pipeline—the scene has reached critical mass.

The CISO's Guide to HIPAA’s Information Protection Requirements

HIPAA itself is composed of core legislation, along with several addendums called rules. But just like every law, only through recent enforcement and judicial actions can we understand HIPAA information protection requirements.

The Pragmatic Guide to Encryption for Healthcare Startups in the US

It isn’t easy to navigate regulations around Protected Healthcare Information (PHI). This article shows how startups can tackle PHI regulations...

What is End-to-End-Encryption?

Let’s start with something we all know: Encryption in transit and encryption at rest. Encryption in transit provides...

How to Encrypt a File on the Command Line

Discover the easiest command line tool to encrypt and decrypt a file or stdin...

The Problem with Cyber Insurance: Outdated Incentives

With an increasing cost of data breaches from new laws like CCPA (effective 2020) and existing GDPR (effective 2018), the cyber insurance industry’s days are numbered. Are you ready?...

The Easiest Way to Encrypt in Python

Encrypting data is easy, but securing keys is very difficult...

3 Signs Application Data Security Is Growing Up

First, what is Application Layer Data Security? It’s any protection mechanism that helps secures data that operates at the highest layer of the computational stack ...

Securing Data in Redis with Peacemakr

When we think of data security, a lot of the time, we think of data at rest. But, systems always involve a lot more than just data at rest. For example, many large systems ...

Welcome to the Secure Data Revolution

Data is everywhere. A device that fits in our pocket blasts out more personal data and at a faster rate than even the most expensive machines did ten years ago. And data tells us stories ...

The Executive Brief: Intel SGX Hack Was a Distraction

Recently Intel’s SGX security feature was found to be susceptible to Foreshadow and Foreshadow-NG attacks. Attackers may use speculative execution, and an unprotected copy of the SGX protected memory to steal sensitive data on unpatched systems. The attack ...

The Best Way to Secure Data in Python

Anyone can copy-and-paste AES invocations from StackOverflow. But the hard part of data security is the key lifecycle management, crypto-agility, centralized controls, and secure key distribution mechanisms ...

Four Effective Tactics to Market your Product Security Features in Tech

So you built some world-class security features into your products? Cool story. Now what?

The California Consumer Privacy Act, Explained

CCPA is now a law, but the specific regulations for companies are still pending an official release from California Attorney General Xavier Becerra. These regulations will ...

Six Questions to Ask Before Encrypting Application Layer Data

In the era of Facebook data scandals and Edward Snowden whistleblowers, data has never been as valuable as it is today. Consumers are starting to catch on that their data is actually valuable. Enterprises and businesses have always understood ...

Top 3 Security Blunders of 2019 and How to Avoid Them in 2020

In tech, we build things that change people’s lives. Things that make this world a better, more fair, and more efficient place for all of us. But anything worth building is worth hacking ...

Why the Best Tech Startups Take Data-Security Seriously

You need three types of ass to build a successful business: a kick-ass team, a kick-ass product, and a kick-ass market. There’s nothing about data-security that’s required to build a business. But tech is ultra-competitive ...

Encrypting All Your Logs in 2 Easy Steps Using Logrotate and Peacemakr

Peacemakr was founded on the core principle that everyone can correctly and easily protect their data with cryptography. Today we will focus on a problem vexing system admins, security practitioners and auditors ...

Co-Founder and CEO Jon McLachlan speaks at Cloudflare Crypto Talks

Co-Founder and CEO Jon McLachlan speaks at Lyft’s OWASP San Francisco Meetup