Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

WikiLeaks releases documents describing Apple device hacking tools used by the CIA. Most require physical access to the targeted device [Read More]
A new bill, S536, cited as the 'Cybersecurity Disclosure Act of 2017', seeks to require a board level statement of cyber security expertise or practice in annual SEC filings. [Read More]
Vulnerability in the web versions of WhatsApp and Telegram allowed hackers to hijack accounts by sending a malicious file to the targeted user [Read More]
Facebook this week announced an update to its platform policies to ban developers from using data obtained from the company to build surveillance tools. [Read More]
Home Depot has agreed to pay banks $25 million as part of a settlement over the 2014 data breach [Read More]
Industry professionals comment on the CIA hacking tools detailed by WikiLeaks and the implications of the Vault7 leak [Read More]
New attack method can be used to track mobile devices that rely on MAC address randomization to protect privacy [Read More]
WikiLeaks will share details on the CIA hacking tools with tech companies, but the White House says there may be legal repercussions [Read More]
CIA responds to WikiLeaks Vault 7 dump: it’s our job to be innovative and cutting-edge, but we don’t spy on fellow Americans [Read More]
Security firms have started assessing the impact of the CIA hacking tools exposed in the WikiLeaks Vault 7 leak [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

James McFarlin's picture
U.S tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Marcus Ranum's picture
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; Otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
Adam Firestone's picture
The misconception that Internet privacy equals anonymity must be dispelled if cyberspace is to be a secure and safe place. At the same time, mechanisms must be incorporated to ensure that communications remain confidential and resistant to unauthorized alteration by third parties.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Tal Be'ery's picture
The Google-backed "Certificate Transparency" initiative has gained much momentum and may have a real chance to amend the battered Public-Key Infrastructure (PKI).
Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Chris Coleman's picture
The events that occurred in 2013 will forever be reflected in the Internet DNA of the future, and how the cyber security market evolves to accommodate that future.
Chris Hinkley's picture
For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.
Gant Redmon's picture
Proper use of Google Glass respecting law and privacy will be all about context. Context is different depending where you are. Are you in a public place, a private place, or a restricted place like a government installation?