Privacy & Compliance

NEWS & INDUSTRY UPDATES

Microsoft used the same certificate for all instances of its Dynamics 365 ERP product and it took more than 100 days to take action, but the company claims the issue posed little risk
Synaptics touchpad driver present on hundreds of HP laptops includes keylogging functionality. Patches available for a majority of affected devices
New functionality added by Onapsis to its security platform allows SAP customers to check if they are GDPR-compliant
NIST publishes second draft of the Framework for Improving Critical Infrastructure Cybersecurity
The most common infiltration and exfiltration methods used by attackers are successful much of the time, according to SafeBreach’s latest Hacker’s Playbook report
ICS-CERT provides solid advice on updating antiviruses in industrial control systems, but it’s not practical and organizations should not believe AVs are enough
Google is stepping up the fight against unwanted and harmful applications on Android and will soon start alerting users on apps and websites leading to apps that collect personal data without their consent.
DHS memo claims China-based drone maker DJI is sending data on U.S. critical infrastructure and law enforcement to the Chinese government
PayPal suspends operations of its subsidiary TIO Networks after the discovery of a data breach that affects 1.6 million customers
Our mobile phones are troves of personal, private information, and the US Supreme Court weighed Wednesday how easily police should be able to get it.

FEATURES, INSIGHTS // Privacy & Compliance

Mark Hatton
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Tal Be'ery
The Google-backed "Certificate Transparency" initiative has gained much momentum and may have a real chance to amend the battered Public-Key Infrastructure (PKI).
Nimmy Reichenberg
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
Mark Hatton
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Chris Coleman
The events that occurred in 2013 will forever be reflected in the Internet DNA of the future, and how the cyber security market evolves to accommodate that future.
Chris Hinkley
For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.
Gant Redmon
Proper use of Google Glass respecting law and privacy will be all about context. Context is different depending where you are. Are you in a public place, a private place, or a restricted place like a government installation?
Ram Mohan
There is a lot we can do to keep our data private and, like many aspects of managing security, it’s a process that is best grounded in common sense. What can organizations do to shield themselves from the kind of scrutiny that has caught the world’s attention recently?
Michael Callahan
There’s more than functionality and availability issues ailing Healthcare.gov. There’s significant potential for compromise.
Gant Redmon
In today's world, people are screaming “Privacy!” but it’s confusing who they’re screaming at. That’s why I thought I’d pen a timely guide to the current privacy outrage. Confusion stems from there being four plot lines going at the same time.