LDSR block chain taking position here DATA443 (OTCPK:LDSR) Appoints Industry Veteran to Strategic Advisory Board Jan 09, 2018 OTC Disclosure & News Service
-
RALEIGH, N.C., Jan. 09, 2018 (GLOBE NEWSWIRE) -- “We are pleased to include software industry veteran and strategic leader Mr. Todd Spain to our Strategic Advisory Board for DATA443. Mr. Spain has held leadership roles in some of the largest and fastest growing software companies in the world and continues to be very active in the finance and VC/startup ecosystem in Raleigh,” stated Mr. Remillard, CEO of DATA443 Risk Mitigation, Inc. at an announcement.
Mr. Spain is currently a Limited Partner for Excelerate Health Ventures, former COO for Percona – a global leader in database technologies, former VP of IT for Fidelity Investments and Global IT Delivery Executive for Cisco Systems and is an active member of several local non-profit organizations. He is also the co-founding member of the Blockchain Executive Group.
“I am excited to contribute to the success of DATA443 and the possibilities presented by the leadership team. I expect to contribute my skill sets to the organization as part of the Strategic Advisory Board beginning immediately,” comments Mr. Spain.
The Strategic Advisory Board for DATA443 Risk Mitigation, Inc. was initiated in January 2018 will continue to add new members as the organization grows and changes as part of its normal business plan. DATA443 will be assigning a diverse group of individuals from various disciplines, geographies, industries and relationships throughout the year. The Strategic Advisory Board is intended to be a sounding board for upcoming strategic reviews, product and acquisition reviews and a collaboration venue bringing industry experts, customers and executives of DATA443 together.
“Mr. Spain will be able to contribute immediately with his exposure to international business markets and compliance and governance experience as a vendor. His professional network will prove to be valuable as we evaluate new business opportunities and capabilities as part of our growth plans,” adds Mr. Remillard.
About DATA443 Risk Mitigation, Inc. DATA443 Risk Mitigation, Inc. (OTCPK:LDSR) (www.data443.com) is a technology company that is actively developing and acquiring cyber-security products & service offerings that are central to blockchain, cyber data security, GDPR, compliance and governance capabilities. The Company develops its own technologies and has an active acquisitions program in place.
Forward-Looking Statements Except for the historical information contained herein, the matters discussed in this press release are forward-looking statements. Actual results may differ materially from those described in forward-looking statements and are subject to risks and uncertainties. See DATA443 Risk Mitigation, Inc.’s filings with the SEC, which may identify specific factors that may cause actual results or events to differ materially from those described in the forward-looking statements.
As the news poured out following the breach the tendency may have been to focus more on the sensational aspects of the discussion. For instance, ample attention was paid to the fact that the person overseeing security had been a music major in college. A non-issue that while superficially salacious, lacked any ability to provide strategic insight into how to better secure databases or avoid breaches in the future.
But time has passed, the security community has had time to assess and now we can begin to glean some actual lessons from this whole debacle. I took the opportunity to speak with experts in the infosec community and these were some of their biggest takeaways.
The Little Things Matter One of the common themes amongst the experts we spoke with was that little mistakes can cost you big-time.
“Equifax was attacked through a vulnerability in the Apache Struts web-application software,” said Steven Weisman, a lawyer and college professor who teaches White Collar Crime at Bentley University. “A patch for the particular vulnerability exploited had been issued in March and the breach did not occur until May. The lesson is a simple one. Whenever security updates are issued they must be installed as soon as possible. The delay on the part of Equifax was inexcusable.”
However, according to Frank Strong, the founder and president of Sword and the Script Media, things aren’t that simple.
“One of the underlying issues that have come to the forefront in the aftermath of the Equifax breach is patching vulnerabilities. Big organizations with complex IT infrastructure prefer to test new vulnerability patches before implementing these to a live environment. This change in management process helps ensure these don’t cause another problem,” says Strong. “This creates a gap – the time between the revelation of a new vulnerability and the implementation of a patch. In turn, this initiates a race as bad actors start narrowing down high-value targets that remain unpatched, as Druce MacFarlane wrote in a recent contribution to CSOonline.com.”
“A layered security posture with complementary tools (that ideally play well with each other) offers advantages. As MacFarlane said, “A responsible enterprise should either patch or aggressively monitor a new vulnerability – and preferably they do both. The longer Equifax stayed vulnerable to this exploit, the more inevitable such a breach became.”
Lipservice Over Security One of the other takeaways was that Equifax seemed more interested in sounding good about security than actually being good about security.
“Security lipservice is more of a problem than we realized,” said Kenneth S. Robb, Cyber Security and Risk Consultant at Citadel Cyber Solutions. “Revenue/Ease of Use/Stock Price were all valued higher within Equifax.”
Robb went on to say that our most sensitive data is now public record yet most banking institutions still rely on those data points for account verification.
“Security must now be at the forefront of everything we do (Thwarting Social Engineering through Training, securing data in transit and at rest, data tokenization),” said Robb. “Whether we like it or not, Equifax has thrust us all forward as our own data managers.”
Jason Remillard is the President of Data443 Risk Mitigation, Inc. is less interested in casting blame and more focused on what this means for the storage of data at rest.
“Without full knowledge about who is ‘at fault’ – the main point is that the information needs to be encrypted at rest, and any single application/service/user access is decrypted as part of the transaction,” said Remillard. “There are several technologies available for this type of protection – however, they all require application modifications – something I suspect was the blocking factor in further protecting this highly sensitive infrastructure. Either way, sensitive information must not leave its repo without crypto approvals – new regulations like GDPR will further enhance this requirement”
The GDPR or General Data Protection Regulation is an incoming set of rules from the EU that will affect all companies with a footprint in Europe.
Had it been in effect when this breach occurred Equifax would be facing hundreds of millions of dollars in fines.
And that, itself might be the biggest takeaway from all of this. Other companies need to take note and get in compliance before May 25, when the GDPR goes into effect or else similar mistakes could have astronomical financial consequences.
And of course the last takeaway, agreed upon almost universally, was don’t use “Admin” as a password to protect important databases. Admin is a default password, one that was clearly never changed after the setup.
It seems silly to have to say it. But, here we are…
Market Data 
Markets 
AI
