Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Why Companies Should Care about Data Privacy Day
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
bradshimmin
50%
50%
bradshimmin,
User Rank: Author
1/31/2020 | 9:45:14 AM
Re: Privacy
You are so right Ryan. It is all too common for companies to "whistle past the graveyard" when it comes to avoiding or just anticipating massively impactful events like this. The same thing has played out time and again with security events like corporate and governmental ransomware, making this perhaps one of those cognitive blindspots (I think it's optimism bias or something of the sort). 
WebHostingsChoice
50%
50%
WebHostingsChoice,
User Rank: Apprentice
1/31/2020 | 4:19:25 AM
Re: Privacy
Your website is a very nice platform for learning new thimgs and I have learned many things from your blog post. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/30/2020 | 9:38:52 PM
Re: Trust
Yes but definitely optimstic. Not to say thats how we shouldn't look at things. But companies should also have to prove it to us. The old KGB saying of "Trust but Verify" is very important especially when it comes to consumer privacy.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/30/2020 | 9:37:04 PM
Re: Regulations
Implementation and enforcement are key. Its the difference between a good intention and a best practice.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/30/2020 | 9:35:41 PM
Re: Customer data
Yup agreed. Its unfortunate that the mindset that, "well if it didn't happen to me I don't care" is all too pervasive.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/30/2020 | 9:34:10 PM
Re: Legacy
Most defintely.I often hear the phrase, "Well thats how its always been done." Or "We can't change that." 

Well, that doesn't make it right and yes you can, its just easier for you not to.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/30/2020 | 9:32:03 PM
Re: Privacy
I would say yes to a degree and I am all for it. At this point unfortunately most companies have the mentality that it will never happen to us. The ones who haven't yet been burnt by the stove at least.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
1/30/2020 | 3:38:31 PM
Trust
Rather, it will require full company participation, support, and most importantly belief in the importance of protecting both company and customer data. I agree. Believe and trust. Customers should be able to trust the companies that they do the right thing.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
1/30/2020 | 3:37:16 PM
Regulations
The real risks posed by waiting to implement the measures defined in GDPR, CCPA, and other data privacy legislation begin and end with the customer. These are good start, implementation and widely use of them will define the success of them.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
1/30/2020 | 3:35:46 PM
Customer data
Irrespective of location, any company working with data, most especially those working with customer data, must take action. When it comes to a pint that the data owners are the customers not the companies then we may see some improvement on privacy.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
The Problem with Artificial Intelligence in Security
Dr. Leila Powell, Lead Security Data Scientist, Panaseer,  5/26/2020
10 iOS Security Tips to Lock Down Your iPhone
Kelly Sheridan, Staff Editor, Dark Reading,  5/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13660
PUBLISHED: 2020-05-28
CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name.
CVE-2020-11079
PUBLISHED: 2020-05-28
node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1.
CVE-2020-13245
PUBLISHED: 2020-05-28
Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.
CVE-2020-4248
PUBLISHED: 2020-05-28
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175484.
CVE-2020-8329
PUBLISHED: 2020-05-28
A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted...