Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
SOC 2 Attestation Tips for SaaS Companies
Attestation helps SaaS vendors demonstrate that digital security is a primary focus.
Name That Toon: Greetings, Earthlings
Caption time! Come up with something out of this world for Dark Reading's latest contest, and our panel of experts will reward the winner with a $25 Amazon gift card.
Bolstering Our Nation's Defenses Against Cybersecurity Attacks
Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address.
NIST Publishes Guide for Securing Hotel Property Management Systems
These sensitive systems store guests' personal data and payment-card information.
Ghost Users Haunt Healthcare Firms
Data security hygiene severely lacking among healthcare firms, new research shows.
What a Federal Data Privacy Law Would Mean for Consumers
With an array of serious proposals from both sides of the political divide, it looks as though the US may finally have a national privacy law.
How to Fine-Tune Vendor Risk Management in a Virtual World
Without on-site audits, many organizations lack their usual visibility to assess risk factors and validate contracts and SLA with providers.
Virginia Takes Different Tack Than California With Data Privacy Law
Online businesses targeting Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
Cloud Security Startup Armo Emerges from Stealth with $4.5M
Armo's platform was developed to protect cloud-native workloads and provide DevOps teams with greater visibility and control.
Data Privacy Day 2021: Pandemic Response Data Must Align with Data Privacy Rules
Amid a pandemic, Data Privacy Day this year brings forth expanded responsibilities for organizations in the response to COVID-19.
What You Need to Know About California's New Privacy Rules
Proposition 24 will change Californians' rights and business's responsibilities regarding consumer data protection.
10 Benefits of Running Cybersecurity Exercises
There may be no better way to ascertain your organization's strengths and weaknesses than by running regular security drills.
US Treasury's OFAC Ransomware Advisory: Navigating the Gray Areas
Leveraging the right response strategy, following the regulations, and understanding the ransom entity are the fundamentals in any ransomware outbreak.
What's in Store for Privacy in 2021
Changes are coming to the privacy landscape, including more regulations and technologies.
The Yellow Brick Road to Risk Management
Beginning the journey to risk management can be daunting, but protecting your business is worth every step.
A Call for Change in Physical Security
We're at an inflection point. The threats we face are dynamic, emerging, and global. Are you ready?
The Sameness of Every Day: How to Change Up Audit Fatigue
And with more data compliance laws on the way, audit fatigue could be a real challenge for infosec professionals.
A Pause to Address 'Ethical Debt' of Facial Recognition
Ethical use will require some combination of consistent reporting, regulation, corporate responsibility, and adversarial technology.
The Cybersecurity Maturity Model Certification: Are You in Compliance?
Not only can this framework help companies remain solvent, but it will also protect critical information from getting into the wrong hands.
CISOs Planning on Bigger Budgets: Report
Budgets are on the rise, even in a time of revenue worries across the industry.
Verizon Payment Security Report is a Wake-up Call: Time to Refocus on PCI DSS Compliance
Too many organizations fail to enact the baseline payment security controls, according to the Verizon 2020 Payment Security Report.
Biometric Data Collection Demands Scrutiny of Privacy Law
An IT lawyer digs into the implications of collecting biometric data, why it can't be anonymized, and what nations are doing about it.
Solving the Problem With Security Standards
More explicit threat models can make security better and open the door to real and needed innovation.
Simplify Your Privacy Approach to Overcome CCPA Challenges
By building a privacy-forward culture from the ground up and automating processes, organizations can simplify their approach to privacy and be prepared for any upcoming regulations.
8 Frequently Asked Questions on Organizations' Data Protection Programs
Adherence to data protection regulations requires a multidisciplinary approach that has the commitment of all employees. Expect to be asked questions like these.
The Hidden Security Risks of Business Applications
Today's enterprises depend on mission-critical applications to keep them productive, help better serve customers, and keep up with demand. It's important that they also know the risks.
Platform Security: Intel Pushes to Reduce Supply Chain Attacks
SPONSORED CONTENT: Attacks on supply chains involve lots of players and companies, not to mention an exponential amount of data for the stealing, notes Intel's Tom Garrison. Notoriously difficult to detect and mitigate, Garrison discusses new approaches to securing an individual company's computing platforms, including Compute Lifecycle Assurance.
Pen Testers Share the Inside Story of Their Arrest and Exoneration
Coalfire's Gary De Mercurio and Justin Wynn share the inside story of their infamous arrest last year while conducting a contracted red-team engagement in an Iowa courthouse -- and what it took to clear their names.
Why Confidential Computing Is a Game Changer
Confidential Computing is a transformational technology that should be part of every enterprise cloud deployment. It's time to start unlocking the possibilities together.
Citizens Are Increasingly Worried About How Companies Use Their Data
With data privacy important to almost every American, more than two-thirds of those surveyed say they don't trust companies to ethically sell their data.
The Data Privacy Loophole Federal Agencies Are Still Missing
Why knowledge-based authentication is leaving federal contact centers vulnerable to an increasingly sophisticated hacker community.
UK Data Privacy Legislation Cannot Be Bypassed to Limit Spread of COVID-19
The UK faces GDPR data privacy challenges regarding its COVID-19 "Test and Trace" program. Despite the importance of contact tracing, its intent to ignore privacy legislation is extremely worrying.
Top 5 Questions (and Answers) About GRC Technology
For the first time in a long time, we must shift from managing localized risks against a landscape of economic growth to managing those issues under much less certain circumstances.
Making Sense of EARN IT & LAED Bills' Implications for Crypto
After Senate Judiciary Committee pushes EARN IT Act a step closer to ratification, raising further concerns for privacy advocates, here's what to know.
The Privacy & Security Outlook for Businesses Post-COVID-19
Long-term business needs -- and the ethical implications that result -- don't simply go away just because we're navigating a global health crisis.
The Need for Compliance in a Post-COVID-19 World
With the current upheaval, business leaders may lose focus and push off implementing security measures, managing risk, and keeping up with compliance requirements. That's a big mistake.
Compliance as a Way to Reduce the Risk of Insider Threats
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training.
Coronavirus, Data Privacy & the New Online Social Contract
How governments can protect personal privacy in contact tracing while saving peoples' lives
Narrow the Scope of Compliance
Many organizations are doing more than they need regarding compliance.
'Look for the Helpers' to Securely Enable the Remote Workforce
CISOs and CIOs, you are our helpers. As you take action to reassure your company, your confidence is our confidence.
How Much Downtime Can Your Company Handle?
Why every business needs cyber resilience and quick recovery times.
Technology Empowers Pandemic Response, But Privacy Worries Remain
As technology companies and the medical community work to find ways to track and test for the virus, privacy might fall by the wayside.
Do DevOps Teams Need a Company Attorney on Speed Dial?
In today's regulatory and legislative environment, companies and individuals are exposed to lawsuits over security breaches, resulting in significant fines and ending careers.
Facebook Got Tagged, but Not Hard Enough
Ensuring that our valuable biometric information is protected is worth more than a $550 million settlement.
Privacy in a Pandemic: What You Can (and Can't) Ask Employees
Businesses struggle to strike a balance between workplace health and employees' privacy rights in the midst of a global health emergency.
5 Strategies to Secure Cloud Operations Against Today's Cyber Threats
With these fundamentals in mind, organizations can reduce their security and compliance risks as they reap the cloud's many benefits:
Some Democrats Lead Trump in Campaign Domain-Security Efforts
Sanders and Trump campaigns lack proper DMARC security enforcement, study finds.
Businesses Improve Their Data Security, But Privacy — Not So Much
While the California Consumer Privacy Act will force companies to provide a modicum of meaningful privacy, World Privacy Day still mainly celebrates data security.
Why Companies Should Care about Data Privacy Day
Marking yesterday's 14th anniversary of Europe's first data protection day reminds us how far we still have to go.
CCPA: Cut From the Same Cloth as PCI DSS
Finally, some good news about CCPA: If you've built your security infrastructure to PCI DSS standards, you may be already covered by California's new data protection rules
|
Latest Comment: Congratulations George - you have won the Venuvian Lottery! Now if you will just type in your SSN, Date of Birth, Mother's maiden name ...
2021 Top Enterprise IT TrendsWe've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Tweet This
0 Comments
