
Privacy & Compliance

NEWS & INDUSTRY UPDATES

A new bill, S536, cited as the 'Cybersecurity Disclosure Act of 2017', seeks to require a board level statement of cyber security expertise or practice in annual SEC filings.
Vulnerability in the web versions of WhatsApp and Telegram allowed hackers to hijack accounts by sending a malicious file to the targeted user.
Facebook this week announced an update to its platform policies to ban developers from using data obtained from the company to build surveillance tools.
Home Depot has agreed to pay banks $25 million as part of a settlement over the 2014 data breach.
Industry professionals comment on the CIA hacking tools detailed by WikiLeaks and the implications of the Vault7 leak.
New attack method can be used to track mobile devices that rely on MAC address randomization to protect privacy.
WikiLeaks will share details on the CIA hacking tools with tech companies, but the White House says there may be legal repercussions.
CIA responds to WikiLeaks Vault 7 dump: it’s our job to be innovative and cutting-edge, but we don’t spy on fellow Americans.
Security firms have started assessing the impact of the CIA hacking tools exposed in the WikiLeaks Vault 7 leak.
WikiLeaks claims to have obtained files showing the hacking capabilities of the US Central Intelligence Agency (CIA).

FEATURES, INSIGHTS // Privacy & Compliance

Jim Ivers:
Enlightened toy manufacturers will likely begin to embrace the basic concepts of IoT security and build connected toys that can be trusted by parents.
Travis Greene:
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Erin O’Malley:
Today, we expect ultimate convenience. But at what cost? More and more, I’m left wondering whether modern conveniences—grâce à today’s advanced technologies—are truly worth the risk.
Steven Grossman:
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Jim Ivers:
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
David Holmes:
The portion of encrypted traffic keeps rising, so IT security administrators will be forced to do more SSL decryption if they are to get any value at all out of their fancy security tools.
Travis Greene:
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
David Holmes:
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
Torsten George:
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George:
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.