From the blog

On a brisk winter day in Sydney, the city's iconic harbour welcomes a new guest: the future USS Canberra (LCS 30). This isn't just any arrival, it's a landmark moment in the history of the U.S. Navy, an event that epitomises the deepening relationship between AUKUS partners. In a first of its kind, the U.S. Navy is holding an international commissioning ceremony at the Royal Australian Navy Fleet Base East in Sydney, Australia on July 22, 2023.

In today's digital age, data breaches have become a common occurrence, and organizations are at constant risk of sensitive data being compromised. To counter these threats, many businesses are adopting the Zero Trust security model, which emphasizes the principle of "never trust, always verify." Cocoon Data is a Zero Trust solution that provides a comprehensive set of security measures to protect sensitive data. Let's explore how Cocoon Data adheres to the Zero Trust principles and what makes it a reliable solution for secure data sharing.

Insurance organizations are subject to a dizzying array of compliance standards. If you’re working at a health insurance company, you’re already familiar with the requirements of the Health Insurance Portability and Accountability Act (HIPAA). If you’re in the U.S., you must deal regularly with your state insurance commissioner. If you have a great deal of health data, you must satisfy the requirements of the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR). And if you also offer life insurance or other financial service products, your organization will be subject to the Gramm-Leach-Bliley Act (GLBA).

Some may think insurance firms don’t have much to worry about when it comes to cybersecurity—but you know better. Today’s cybercriminals aren’t just attacking companies with online stores. They’ll target any company that has vast amounts of personal data—and insurance firms certainly fit the description.

When was the last time you assessed your CMMC readiness? If your organization does business with the U.S. government, CMMC should be near the top of your priority list. But if this topic is new to you—or if you don’t know where to begin—we’re here to help.

As a health organization, it’s your responsibility to adhere to the Health Insurance Portability and Accountability Act (HIPAA). You also need to have HIPAA-compliant file sharing standards to ensure that patients’ Protected Health Information (PHI) remains secure. Your healthcare organization can’t operate without sharing files, but common data sharing solutions such as Google Drive are not HIPAA-compliant on their own – and there are severe penalties for HIPAA non-compliance that you should know about.

The Gramm-Leach-Bliley Act (GLBA) of 1999 forever changed the way financial institutions do business. But even after more than two decades, there’s still confusion about what exactly constitutes GLBA compliance. Most organizations realize they must protect their data—but to what extent? They know they need robust security solutions in place—but what kinds? And how should financial institutions react when a data breach does occur?

Healthcare data security sounds deceptively simple: you strive to prevent any compromises of data or systems that will impede patient care. But it’s the details that are complicated. Several categories of established and emerging threats keep hospital IT staff working late. There are as many solutions on the market as problems to be addressed—but that only makes the task more complicated. With so many healthcare data security solutions available, how can your organization get the exact level of protection it needs without bursting your IT budget?

Want to take your cyber security initiatives to the next level? Consider taking a Zero Trust approach when selecting and implementing a secure file management, sharing, and collaboration platform.

We’ve all heard a lot about digital transformation. We seldom hear about digital transformation and cybersecurity in the same sentence—but we should. Most companies think about digitizing their business in terms of the technologies they’ll embrace, the channels they’ll open, and the time and money they’ll save. That’s great. The benefits of making the leap are immense. In fact, companies that still haven’t even begun going digital probably won’t survive much longer because their more tech-savvy competitors are miles ahead of them in their ability to remain flexible to customer needs.

Various productivity technologies have come and gone, but email is here to stay. Businesses still revolve around the inbox, and they probably always will. Scammers are aware of this, so they continue to find new ways of deceiving people into clicking links and opening attachments that will cause them to unwittingly expose business data or personal information. One innocent mistake by your employees can cause millions of dollars of damage to your company. Here are 12 email security tips to help you and your colleagues stay safe.

Everyone is talking about ransomware these days, and with good reason. Attacks are on the rise, and victimized businesses face the choice of either paying thousands of dollars in ransom or never seeing their business data again. You may be tempted to say, “We’re a small business. There’s no way we would be a target!” But cybercriminals don’t discriminate. It’s actually much easier for them to attack dozens of smaller businesses and demand ransoms of, say, $5,000 each, than it is for them to hack into a Fortune 100 company and demand millions.

If you’re in the defense industrial base, you may have heard about geofencing, the ability to limit access to data depending on a user’s location, and wondered if it applies to your business. Yes, you’re aware that letting any regulated information leave the boundaries of the U.S. would constitute unauthorized disclosure. But you’ve already put advanced data access controls in place and don’t anticipate that any of your data would be leaked across borders.

The CMMC (Cybersecurity Maturity Model Certification) puts an emphasis on wrapping security controls around sensitive data. A robust file access management and security solution is a necessity to meet increased data security requirements across the industry.

As of November 4, 2021, it’s official: CMMC 2.0 is here. The United States Department of Defense (DoD) has released a revision to the Cybersecurity Maturity Model Certification (CMMC) 1.0 framework. Their goal is to streamline and accelerate the enforcement measures already in place for CMMC. If you’re wondering what has changed and how it will affect your business, we’re here to help. The first thing you should know is that the changes are only structural, and the core of the program hasn’t changed. If your organization is in the Defense Industrial Base (DIB), you’re still required to adopt and implement advanced security controls to protect sensitive, unclassified DoD data.

If your organization does business with the U.S. military, then you’re probably already familiar with FIPS 140 Level 2 encryption requirements. And demonstrating compliance is an essential first step to landing government clients. But even if you’re not working exclusively in the defense industry, consider the damage that a data breach could do to your firm’s reputation. Potential clients might pick up a newspaper and discover that your company was responsible for the leak of the names and credit card numbers of, say, 2,000 clients. The negative news associated with this sort of breach would almost certainly result in a loss of business and a damaged reputation.

“With a number of cloud-based file sharing and data storage companies entering into the market, compliance, security, and governance of sensitive data has become a burning issue. If that was not enough, the recent pandemic has opened a new warfront for global organizations.

If you're a defense contractor, or are considering entering the defense supply chain, you probably have security and compliance requirements on your mind. The US is arguably the most advanced market in this space - stringent requirements, known as CMMC, were announced in January 2020 and by 2023, all new US Department of Defense contractors will require CMMC certification.

If critical infrastructure security isn’t already on the mind of U.S. businesses, it will be soon. On May 12, 2021, President Biden issued an executive order on improving the nation’s cybersecurity. As the order stated: “It is the policy of my Administration that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.”

Healthcare data security is a growing, global issue. In June 2021, Australia’s largest state health body, New South Wales Health, made headlines after the state government advised patients that their personal information may have been accessed as part of the Accellion global cyber-attack. Just one month earlier, computer systems belonging to the Waikato Health District Board (DHB) in New Zealand were impacted by a ransomware attack. A few weeks later, the media reported the release of patient medical records and financial data to the dark web.

We’ll get right to the point: you may have heard recently that with CMMC 2.0, you can self-attest your organization’s compliance. This is true, but there’s more to it than that. Under CMMC 1.0 , all organizations would have had to be audited by a third party (CP3AO). With CMMC 2.0, self-attestation is possible, but only for organizations not required to undergo a C3POA audit by the DoD. Also, there are pros and cons to self-attesting. We’ll get into that later in this article. First, let’s walk through the CMMC 2.0 requirements, so you’ll have an idea of whether or not self-attesting will be available to your organization.

Department of Defense (DoD) requirements mean contractors must ensure CMMC compliance within their own organizations, and throughout their supply chains. With multi-million dollar contracts at stake, the cost of non-compliance – and even small mistakes with suppliers – is significant.

Cocoon Data’s Senior Engineer of US GovCloud Operations, Nick Martin, was invited as a guest speaker to discuss CMMC with Atlas Systems Integration and Support Technologies President, Narada Overton. 

Cocoon Data sponsors America's SBDC North Star – CMM initiative, supporting small businesses in enhancing data security. They provide a secure cloud-based file sharing and storage tool that complies with cybersecurity standards. The initiative offers guidance and tools to safeguard sensitive data from cyber threats. By opting for secure platforms like Cocoon Data, businesses can protect their information instead of relying on public services. SBDC clients can explore Cocoon Data's services at no cost, promoting and encouraging good security practices for business operations.

In a strategic partnership between eFortresses and Cocoon Data, the secure storage and collaboration tool provided by Cocoon Data was leveraged to streamline CMMC training and implementation processes. Taiye Lambo, the founder of eFortresses and HISPI, found Cocoon Data's features highly beneficial in protecting and enforcing NDAs for CMMC course content and securely gathering evidence for gap analysis. The platform's secure access controls, digital watermarking, and encryption capabilities provided a reliable solution for sharing sensitive information while ensuring data integrity and compliance. This collaboration highlights the value of Cocoon Data in enhancing cybersecurity practices and facilitating secure information sharing.

As a Human Resources (HR) professional you are involved in the most private aspects of your fellow employees’ work lives. You’re an expert in compensation and benefits, managing numerous uncomfortable topics, such as substance abuse, workplace hostility and unethical behaviour. 

Cocoon Data and eFortresses are pleased to announce their strategic partnership, designed to help organizations in the US Dept of Defense supply chain who will be impacted by the introduction of the Cybersecurity Maturity Model Certification (CMMC) later this year.

Following several large-scale cyber attacks on Australian Governments and Businesses, Cocoon Data hosted an event with the former Defence Minister, the Hon Christopher Pyne, and Cocoon Data’s Chairman and CEO, Trent Telford.

Government agencies and U.S. companies are turning to the flexible, scalable and cost-effective option of cloud computing. While some are still taking a cautious approach with the cloud when it comes to handling sensitive and classified data, we’re hearing more often than not, that CISO’s, Risk Managers and those responsible for governance recognize the value cloud has to offer when their risk and security concerns are addressed.

In an era where data security is paramount, Cocoon Data has emerged as a leading provider of innovative solutions to safeguard sensitive documents. Their use of dynamic watermarking technology sets them apart from traditional approaches, offering a unique and powerful method for protecting confidential information. By assigning a distinct watermark to each collaborator, Cocoon Data ensures that leaked documents can be accurately traced back to their source. In this article, we delve into the workings of Cocoon Data's Content Viewer, the tool responsible for implementing dynamic watermarking, and explore its effectiveness in discouraging unauthorized information sharing. Additionally, we highlight the broad range of file formats supported by the Content Viewer, making it a versatile solution for organizations across various industries. Discover the cutting-edge security features offered by dynamic watermarking and how Cocoon Data empowers businesses to protect their valuable data assets.

The laws around social distancing during the COVID19 pandemic have dramatically changed the way we all live and work, relocating most employees from a traditional office environment to working from home.

Hi everybody my name is Kevin Homer and I’m reporting here from Highlands Ranch, Colorado. A suburb of Denver for those of you who are unfamiliar, and I am the Vice President of Sales and Business Development for Cocoon Data.  

Cloud solutions for compliance and regulated data take a monumental burden off of businesses. Compliance directives such as ITAR and EAR apply to your business regardless of your resources or ability to become compliant. Maintaining compliance and reducing the IT burden on your business are no longer mutually exclusive. Trust a proven, ITAR compliant, security solution and access your data with ease using Cocoon Data for ITAR.

Mandatory audits for data protection and control under ITAR/EAR begin at varying levels from 2020, so it is now more important than ever to thoroughly understand the levels of compliance provided by various vendors. Misleading claims can cause confusion and put your government contracts at risk.

Mandatory audits for data protection and control under ITAR/EAR begin at varying levels from 2020, so it is now more important than ever to thoroughly understand the levels of compliance provided by various vendors. Misleading claims can cause confusion and put your government contracts at risk.