Privacy & Compliance

Google received nearly 45,000 government requests in the first half of 2016, including from countries that had not made any requests before.
Twitter and Facebook have cut access to certain data for an analytics firm which according to a civil liberties group helped law enforcement track protesters in social movements.
WoSign and StartCom will become separate entities and new leadership has been appointed at both firms following the recent certificate scandal.
The Safari browser in iOS 10 no longer offers the same level of privacy as before when it comes to Private Browsing, a researcher has discovered.
UK telecoms company TalkTalk has been given a record £400,000/$510,000 fine for the 2015 data breach that affected 157,000 users.
In her first speech as the UK's new Information Commissioner, Elizabeth Denham gave few clues on how the Data Protection laws in the UK will eventually look post Brexit.
Following Mozilla’s report on WoSign’s wrongdoings, Apple has decided to remove trust in WoSign certificates on iOS and OS X.
Researchers disclose a DNS-based attack method that semi-global adversaries can leverage to deanonymize Tor users.
Audit conducted recently by GAO shows that the FDA exposes industry and public health information due to improper security controls.
Apple can’t tap into iMessage conversations, thanks to end-to-end encryption, but the iPhone maker does know who you message or attempt to message with.

FEATURES, INSIGHTS // Privacy & Compliance

Jim Ivers
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
David Holmes
The portion of encrypted traffic keeps rising, so IT security administrators will be forced to do more SSL decryption if they are to get any value at all out of their fancy security tools.
Travis Greene
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
David Holmes
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
Torsten George
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin
U.S. tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Marcus Ranum
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
Adam Firestone
The misconception that Internet privacy equals anonymity must be dispelled if cyberspace is to be a secure and safe place. At the same time, mechanisms must be incorporated to ensure that communications remain confidential and resistant to unauthorized alteration by third parties.
Mark Hatton
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.