Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Federal judge allows the FBI to keep secret the details of a hacking tool used to access the iPhone of the San Bernardino terrorist [Read More]
DNSSEC key rollover delayed by at least one quarter as millions of users could go offline due to the failure of some network operators to install the new key [Read More]
An unprotected AWS S3 bucket operated by a Verizon engineer leaked details on the telecoms giant’s internal systems [Read More]
Judge dismisses three of the six counts in the FTC case against D-Link over its alleged failure to secure cameras and routers [Read More]
The European Union unveiled plans to setup a new intelligence-sharing agency, cyber war games and product safety labels. [Read More]
Google and Spotify announce Forseti, a community-driven collection of open source security tools for Google Cloud Platform (GCP) environments [Read More]
In response to the massive Equifax breach, New York Governor Andrew Cuomo announced plans to make credit reporting firms comply with the 23 NYCRR 500 cybersecurity regulations. [Read More]
Equifax’s cybersecurity failings, including ignored vulnerability reports and executive credentials up for sale on the dark web, revealed following the breach [Read More]
Equifax shares more details about the breach and how it was discovered by the company [Read More]
CEO Eugene Kaspersky will testify before Congress regarding the use of Kaspersky products by the U.S. government [Read More]

FEATURES, INSIGHTS // Compliance

rss icon

Steven Grossman's picture
Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Travis Greene's picture
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Torsten George's picture
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin's picture
U.S tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.