Privacy & Compliance

NEWS & INDUSTRY UPDATES

US embassies could ask visa applicants for passwords to their own social media accounts in future background checks, Homeland Security Secretary John Kelly said Tuesday.
Google is planning to appeal a ruling that it must comply with search warrants involving customer data stored on servers outside of the United States.
Researchers found 76 popular iOS applications that allow attackers to silently intercept TLS-protected data
Rapid7 adds hardware bridge to Metasploit framework - penetration testers can use it to analyze IoT hardware and software, ICS and SDR systems
VMware has patched important vulnerabilities in some of its AirWatch applications for Android
Facebook proposes new method for recovering accounts when users forget their passwords or their credentials get compromised
U.S. President Donald Trump's executive order titled 'Enhancing Public Safety in the Interior of the United States' appears to threaten the future of the EU/US Privacy Shield, but that may not be the case.
Rumors circulating on hacker forums claim the controversial LeakedSource website was shut down following a law enforcement raid
Researchers analyzed 283 Android VPN applications from Google Play and found that many of them introduce security and privacy risks
The popular darknet marketplace AlphaBay was until recently affected by a vulnerability that exposed its users’ private messages

FEATURES, INSIGHTS // Privacy & Compliance

Travis Greene: Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Erin O’Malley: Today, we expect ultimate convenience. But at what cost? More and more, I’m left wondering whether modern conveniences—grâce à today’s advanced technologies—are truly worth the risk.
Steven Grossman: The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Jim Ivers: If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
David Holmes: The portion of encrypted traffic keeps rising, so IT security administrators will be forced to do more SSL decryption if they are to get any value at all out of their fancy security tools.
Travis Greene: To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
David Holmes: In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
Torsten George: To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George: The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin: U.S. tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.