Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
How Intel Unlocks the Powerful Potential of Diversity in Cybersecurity
Sparking cultural shifts within an organization -- and throughout an entire industry -- can feel like a monumental task, but the juice is well worth the squeeze.
6 Questions to Ask Once You’ve Learned of a Breach
With GDPR enacted and the California Consumer Privacy Act on the near horizon, companies have to sharpen up their responses. Start by asking these six questions.
Proposed Browser Security Guidelines Would Mean More Work for IT Teams
CA/Browser Forum wants SSL certificates to expire after a year. Many businesses that rely on them aren't equipped to cope.
It's Not Healthy to Confuse Compliance with Security
Healthcare organizations should be alarmed by the frequency and severity of cyberattacks. Don't assume you're safe from them just because you're compliant with regulations.
Rising Fines Will Push Breach Costs Much Higher
The cost of breaches will rise by two-thirds over the next five years, exceeding an estimated $5 trillion in 2024, primarily driven by higher fines as more jurisdictions punish companies for lax security.
SafeGuard Cyber Adds Security, Compliance Capabilities for WeChat
A lack of visibility into the app could expose business users to compliance risks and security threats, the company says.
'Phoning Home': Your Latest Data Exfiltration Headache
Companies phone enterprise customer data home securely and for a variety of perfectly legitimate and useful reasons. The problems stem from insufficient disclosure.
Security Pros, Congress Reps Talk National Cybersecurity at DEF CON
Cybersecurity and government leaders discussed why Congress is unprepared for a major cyberattack and how the two parties can collaborate.
It's (Still) the Password, Stupid!
The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type.
Yes, FaceApp Really Could Be Sending Your Data to Russia
FaceApp has an unprecedented level of access to data from 150 million users. What could its endgame be? We unpack three potential risks.
Cisco Pays $8.6M in First False Claims Suit for Vulnerabilities in Security Product
A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 — but the company ignored the issues and fired the consultant.
Companies' 'Anonymized' Data May Violate GDPR, Privacy Regs
New study found that any database containing 15 pieces of demographic data could be used to identify individuals.
Answer These 9 Questions to Determine if Your Data Is Safe
Data protection regulations are only going to grow tighter. Make sure you're keeping the customer's best interests in mind.
6 Actions That Made GDPR Real in 2019
In the wake of recent fines levied against British Airways, Marriott, and Facebook, companies are starting to take data privacy and security more seriously.
Data Loss, Leakage Top Cloud Security Concerns
Compliance, accidental exposure of credentials, and data control are also primary concerns for senior IT and security managers.
Why You Need a Global View of IT Assets
It may seem obvious, but many companies lose sight of the fact that they can't protect what they don't know they even have.
Marriott Faces $124 Million GDPR Fine in UK
The proposed penalty is for a data breach beginning in 2014 that affected more than 500 million customers worldwide.
Britain Looks to Levy Record GDPR Fine Against British Airways
The penalty is a sign of things to come, say experts.
The Case for Encryption: Fact vs. Fiction
The common belief that encryption enables bad behavior primarily used by thieves, international terrorists, and other villainous characters is simply not true. Here's why.
How GDPR Teaches Us to Take a Bottom-Up Approach to Privacy
Looking at underlying security needs means organizations are more likely to be in compliance with privacy regulations.
The Life-Changing Magic of Tidying Up the Cloud
Most companies' cloud security operations would benefit significantly from clean-up, alignment, and organization.
Apple Pledges Privacy, Beefs Up Security
The company hits back at the data economy — and fellow tech giants Facebook and Google — by announcing its own single sign-on service. A host of other iterative security improvements are on their way as well.
Unmixed Messages: Bringing Security & Privacy Awareness Together
Security and privacy share the same basic goals, so it just makes sense to combine efforts in those two areas. But that can be easier said than done.
Healthcare Breach Expands to 19.6 Million Patient Accounts
LabCorp says its third-party debt-collection provider, AMCA, notified the company that information on 7.7 million patients had leaked. Expect more healthcare companies to come forward.
Why FedRAMP Matters to Non-Federal Organizations
Commercial companies should explore how FedRAMP can help mitigate risk as they move to the cloud.
Medical Debt Collector Breach Highlights Supply Chain Dangers
The breach of the website of American Medical Collection Agency leaves the personal and financial information of nearly 12 million patients at risk.
Certifiably Distracted: The Economics of Cybersecurity
Is cybersecurity worth the investment? It depends.
GDPR's First-Year Impact by the Numbers
The latest statistics on GDPR spending, compliance rates, enforcement and consumer attitudes on privacy protection.
Incident Response: 3 Easy Traps & How to Avoid Them
Sage legal advice about navigating a data breach from a troubleshooting cybersecurity outside counsel.
Data Asset Management: What Do You Really Need?
At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.
Proving the Value of Security Awareness with Metrics that 'Deserve More'
Without metrics that matter to the business, awareness programs will continue to be the bastard child of security.
Resolution Requires Cybersecurity Training for Members of Congress
A bipartisan resolution would mandate IT and cybersecurity training for all members of Congress, their staff, and employees.
California Consumer Privacy Act: 4 Compliance Best Practices
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.
Microsoft 365 Updated with New Compliance, Encryption, Privacy Controls
New tools, such as Compliance Manager and Advanced Message Encryption, aim to give businesses more options for data privacy.
How to Help Your Board Navigate Cybersecurity's Legal Risks
What's worse than a massive data breach? A massive data breach followed by a shareholder derivative lawsuit. Learn what’s at stake and what CISOs can do to mitigate the damage.
A Rear-View Look at GDPR: Compliance Has No Brakes
With a year of Europe's General Data Protection Regulation under our belt, what have we learned?
Will the US Adopt a National Privacy Law?
Probably not before the 2020 election. But keep an eye on this Congress as legislators debate how to define personal data and what limits to place on how companies use it.
Legacy Apps: The Security Risk Lurking in Dusty Corners
Four best practices to keep old code from compromising your enterprise environment.
7 Tips for an Effective Employee Security Awareness Program
Breaches and compliance requirements have heightened the need for continuous and effective employee training, security experts say.
Benefiting from Data Privacy Investments
GDPR-ready companies experience lower overall costs associated with data breaches, research finds.
When Your Sandbox Fails
The sandbox is an important piece of the security stack, but an organization's entire strategy shouldn't rely on its ability to detect every threat. Here's why.
Senate Bill Would Ban Social Networks' Social Engineering Tricks
Bill takes aim at tactics used to convince people to give up their personal data, designing games that addict kids, and more.
Merging Companies, Merging Clouds
Integrating cloud environments is anything but easy. Evaluating the security risks in doing so must be a starting component of an overall M&A strategy.
Privacy & Regulatory Considerations in Enterprise Blockchain
People who understand information governance, privacy, and security should be active participants on the distributed ledger technology implementation team to ensure success.
In the Race Toward Mobile Banking, Don't Forget Risk Management
The rise of mobile banking and payment services has sparked widespread adoption, making a focus on risk essential.
The 'Twitterverse' Is Not the Security Community
The drama on social media belies the incredible role models, job, training, and networking opportunities found in the real world of traditional cybersecurity.
Data Privacy Manifestos: Competitive Advantage or the Start of Something Bigger?
Facebook is the latest company to weigh in with a corporate manifesto focused on privacy. Though it's a welcome trend, only time will tell how many follow through.
A Glass Ceiling? Not in Privacy
According to a new study, female professionals in the US privacy profession outnumber males 53% to 47%.
Businesses Manage 9.7PB of Data but Struggle to Protect It
What's more, their attempts to secure it may be putting information at risk, a new report finds.
The Insider Threat: It's More Common Than You Think
A new study shows why security teams must look holistically across cybersecurity, compliance, technology, and human resources to truly address the business effects of workforce risk.
|
Latest Comment: This comment is waiting for review by our moderators.
7 Threats & Disruptive Forces Changing the Face of CybersecurityThis Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.
Tweet This
0 Comments
