Privacy & Compliance
Comodo has mistakenly issued certificates containing internal names. The company spotted such credentials from other CAs as well.
A US judge ordered the government's bulk phone spying program shut down immediately in a symbolic victory for critics of a program set to expire in three weeks.
The FCC has fined Cox Communications $595,000 over the August 2014 hacker attack by a member of the Lizard Squad group.
The EU said it hoped to reach a new deal with Washington within three months on data transfers which major firms like Facebook rely on, but demanded "bullet-proof" privacy protections.
Britain's government published proposals for new Internet spying laws including allowing partial access to a suspect's Internet browsing history that were condemned by privacy campaigners.
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware.
Industry professionals comment on CISA's approval by the Senate and its impact on cyber security and privacy.
Google tells Symantec to step up its game when it comes to issuing digital certificates.
Since the cost of breaking SHA1 is lower than initially estimated, Mozilla is considering rejecting SHA1 based certificates sooner than planned.
Facebook has announced a new measure meant to improve the security of user accounts, saying that it has begun notifying users on suspected account compromise.

FEATURES, INSIGHTS // Privacy & Compliance

Torsten George
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin
U.S. tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Marcus Ranum
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
Adam Firestone
The misconception that Internet privacy equals anonymity must be dispelled if cyberspace is to be a secure and safe place. At the same time, mechanisms must be incorporated to ensure that communications remain confidential and resistant to unauthorized alteration by third parties.
Mark Hatton
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Tal Be'ery
The Google-backed "Certificate Transparency" initiative has gained much momentum and may have a real chance to amend the battered Public-Key Infrastructure (PKI).
Nimmy Reichenberg
With the release of PCI-DSS 3.0, organizations have a framework that makes payment security part of their business-as-usual activities, introducing more flexibility and an increased focus on education, awareness and security as a shared responsibility.
Mark Hatton
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Chris Coleman
The events that occurred in 2013 will forever be reflected in the Internet DNA of the future, and how the cyber security market evolves to accommodate that future.