Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Latest Content tagged with Compliance
Page 1 / 2   >   >>
Solving the Problem With Security Standards
Commentary  |  9/24/2020  | 
More explicit threat models can make security better and open the door to real and needed innovation.
Simplify Your Privacy Approach to Overcome CCPA Challenges
Commentary  |  9/15/2020  | 
By building a privacy-forward culture from the ground up and automating processes, organizations can simplify their approach to privacy and be prepared for any upcoming regulations.
8 Frequently Asked Questions on Organizations' Data Protection Programs
Commentary  |  9/8/2020  | 
Adherence to data protection regulations requires a multidisciplinary approach that has the commitment of all employees. Expect to be asked questions like these.
The Hidden Security Risks of Business Applications
Commentary  |  9/4/2020  | 
Today's enterprises depend on mission-critical applications to keep them productive, help better serve customers, and keep up with demand. It's important that they also know the risks.
Platform Security: Intel Pushes to Reduce Supply Chain Attacks
News  |  8/6/2020  | 
SPONSORED CONTENT: Attacks on supply chains involve lots of players and companies, not to mention an exponential amount of data for the stealing, notes Intel's Tom Garrison. Notoriously difficult to detect and mitigate, Garrison discusses new approaches to securing an individual company's computing platforms, including Compute Lifecycle Assurance.
Pen Testers Share the Inside Story of Their Arrest and Exoneration
News  |  8/5/2020  | 
Coalfire'sGary De Mercurio and Justin Wynnshare the inside story of their infamous arrest last year while conducting a contractedred-team engagement in an Iowa courthouse -- and what it took to clear their names.
Why Confidential Computing Is a Game Changer
Commentary  |  8/5/2020  | 
Confidential Computing is a transformational technology that should be part of every enterprise cloud deployment. It's time to start unlocking the possibilities together.
Citizens Are Increasingly Worried About How Companies Use Their Data
News  |  7/30/2020  | 
With data privacy important to almost every American, more than two-thirds of those surveyed say they don't trust companies to ethically sell their data.
The Data Privacy Loophole Federal Agencies Are Still Missing
Commentary  |  7/21/2020  | 
Why knowledge-based authentication is leaving federal contact centers vulnerable to an increasingly sophisticated hacker community.
UK Data Privacy Legislation Cannot Be Bypassed to Limit Spread of COVID-19
Commentary  |  7/20/2020  | 
The UK faces GDPR data privacy challenges regarding its COVID-19 "Test and Trace" program. Despite the importance of contact tracing, its intent to ignore privacy legislation is extremely worrying.
Top 5 Questions (and Answers) About GRC Technology
Commentary  |  7/15/2020  | 
For the first time in a long time, we must shift from managing localized risks against a landscape of economic growth to managing those issues under much less certain circumstances.
Making Sense of EARN IT & LAED Bills' Implications for Crypto
News  |  7/2/2020  | 
After Senate Judiciary Committee pushes EARN IT Act a step closer to ratification, raising further concerns for privacy advocates, here's what to know.
The Privacy & Security Outlook for Businesses Post-COVID-19
Commentary  |  6/5/2020  | 
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
The Need for Compliance in a Post-COVID-19 World
Commentary  |  5/21/2020  | 
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake.
Compliance as a Way to Reduce the Risk of Insider Threats
Commentary  |  5/14/2020  | 
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training.
Coronavirus, Data Privacy & the New Online Social Contract
Commentary  |  5/12/2020  | 
How governments can protect personal privacy in contact tracing while saving peoples' lives
Narrow the Scope of Compliance
Commentary  |  4/24/2020  | 
Many organizations are doing more than they need regarding compliance.
'Look for the Helpers' to Securely Enable the Remote Workforce
Commentary  |  4/17/2020  | 
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.
How Much Downtime Can Your Company Handle?
Commentary  |  3/31/2020  | 
Why every business needs cyber resilience and quick recovery times.
Technology Empowers Pandemic Response, But Privacy Worries Remain
News  |  3/26/2020  | 
As technology companies and the medical community work to find ways to track and test for the virus, privacy might fall by the wayside.
Do DevOps Teams Need a Company Attorney on Speed Dial?
Commentary  |  3/25/2020  | 
In today's regulatory and legislative environment, companies and individuals are exposed to lawsuits over security breaches, resulting in significant fines and ending careers.
Facebook Got Tagged, but Not Hard Enough
Commentary  |  3/18/2020  | 
Ensuring that our valuable biometric information is protected is worth more than a $550 million settlement.
Privacy in a Pandemic: What You Can (and Can't) Ask Employees
News  |  3/16/2020  | 
Businesses struggle to strike a balance between workplace health and employees' privacy rights in the midst of a global health emergency.
5 Strategies to Secure Cloud Operations Against Today's Cyber Threats
Commentary  |  2/20/2020  | 
With these fundamentals in mind, organizations can reduce their security and compliance risks as they reap the cloud's many benefits:
Some Democrats Lead Trump in Campaign Domain-Security Efforts
News  |  2/10/2020  | 
Sanders and Trump campaigns lack proper DMARC security enforcement, study finds.
Businesses Improve Their Data Security, But Privacy Not So Much
News  |  1/29/2020  | 
While the California Consumer Privacy Act will force companies to provide a modicum of meaningful privacy, World Privacy Day still mainly celebrates data security.
Why Companies Should Care about Data Privacy Day
Commentary  |  1/29/2020  | 
Marking yesterday's 14th anniversary of Europe's first data protection day reminds us how far we still have to go.
CCPA: Cut From the Same Cloth as PCI DSS
Commentary  |  1/28/2020  | 
Finally, some good news about CCPA: If you've built your security infrastructure to PCI DSS standards, you may be already covered by California's new data protection rules
Greater Focus on Privacy Pays Off for Firms
News  |  1/27/2020  | 
Privacy-mature companies complete sales more quickly, have fewer and less serious breaches, and recover from incidents faster, according to Cisco's annual survey.
Weathering the Privacy Storm from GDPR to CCPA & PDPA
Commentary  |  1/23/2020  | 
A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.
Avoid That Billion-Dollar Fine: Blurring the Lines Between Security and Privacy
Commentary  |  1/21/2020  | 
While doing good for the user is the theoretical ideal, the threat of fiscal repercussions should drive organizations to take privacy seriously. That means security and data privacy teams must work more closely.
Data Awareness Is Key to Data Security
Commentary  |  1/21/2020  | 
Traditional data-leak prevention is not enough for businesses facing today's dynamic threat landscape.
5 Tips on How to Build a Strong Security Metrics Framework
Commentary  |  1/10/2020  | 
The carpentry maxim "measure twice, cut once" underscores the importance of timely, accurate, and regular metrics to inform security leaders' risk decisions.
Client-Side JavaScript Risks & the CCPA
Commentary  |  1/6/2020  | 
How California's new privacy law increases the liability for securing Web-facing user data, and what enterprises can do to mitigate their risk.
CCPA Kickoff: What Businesses Need to Know
News  |  1/2/2020  | 
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they'll remain compliant.
'Honoring' CCPA's Binding Principles Nationally Won't Be Easy
Commentary  |  12/26/2019  | 
Even companies with the reach, capital, and innovative capacity of Microsoft or Google will struggle to adhere to the tenets of California's new consumer privacy law.
Ambiguity Around CCPA Will Lead to a Slow Start in 2020
Commentary  |  12/20/2019  | 
But longer term, compliance to California's new privacy law represents an opportunity for companies to increase customer trust and market share.
Privacy Requirements & Penalties Grow, Causing Firms to Struggle
News  |  12/19/2019  | 
Between Europe's and California's privacy laws, companies have a complex landscape to navigate in 2020. Even data-mature industries, such as financial services, see problems ahead.
Talking to the Board about Cybersecurity
Commentary  |  12/17/2019  | 
A chief financial officer shares five winning strategies for an effective board-level conversation about right-sizing risk.
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Commentary  |  12/5/2019  | 
Assessments can be used against your company in court proceedings. Here's how to mitigate this potential risk.
Employee Privacy in a Mobile Workplace
Commentary  |  11/20/2019  | 
Why businesses need guidelines for managing their employees' personal information -- without compromising on security.
Americans Fed Up with Lack of Data Privacy
News  |  11/18/2019  | 
Eight out of every 10 US adults are worried over their inability to control how data about them is used, a new Pew Research survey shows.
Companies Increasingly Fail Interim Security Test, But Gap Narrows
News  |  11/12/2019  | 
Stability of PCI DSS helps companies cope and create more mature security programs, but some parts of the Payment Card Industry's Data Secure Standard continue to cause headaches.
To Prove Cybersecurity's Worth, Create a Cyber Balance Sheet
Commentary  |  11/7/2019  | 
How tying and measuring security investments to business impacts can elevate executives' understanding and commitment to cyber-risk reduction.
Microsoft Tools Focus on Insider Risk, Data Protection at Ignite 2019
News  |  11/4/2019  | 
New tools and updates aimed at addressing ongoing challenges with insider threats and sensitive data classification.
Hacking Phones: How Law Enforcement Is Saving Privacy
Commentary  |  10/30/2019  | 
It's no longer true that society must choose to either weaken everybody's privacy or let criminals run rampant.
Cybersecurity Trumps Political, Reputational Concerns for Companies
News  |  10/29/2019  | 
The average company has seen its risk increase, with cybersecurity topping the list of business threats, followed by damage to reputation and financial risks, a report finds.
4 Security Lessons Federal IT Pros Can Teach the Private Sector
Commentary  |  10/25/2019  | 
With a little research and basic planning, small companies can make big strides against the cybersecurity threats they face. Here's how.
IoTopia Framework Aims to Bring Security to Device Manufacturers
News  |  10/23/2019  | 
GlobalPlatform launches an initiative to help companies secure connected devices and services across markets.
Planning a Zero-Trust Initiative? Here's How to Prioritize
Commentary  |  10/23/2019  | 
If you start by focusing on users, data, access, and managed devices, you will make major strides toward achieving better security.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Vulnerability Disclosure Programs See Signups & Payouts Surge
Kelly Sheridan, Staff Editor, Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4607
PUBLISHED: 2020-09-29
IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.
CVE-2020-24565
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25770
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25771
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25772
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...