Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

OpenSSL 1.0.2n patches two vulnerabilities discovered by a Google researcher using the OSS-Fuzz fuzzing service [Read More]
PayPal suspends operations of its subsidiary TIO Networks after the discovery of a data breach that affects 1.6 million customers [Read More]
Three U.S. senators have introduced the Data Security and Breach Notification Act which would require companies to notify customers affected by a data breach within 30 days. [Read More]
UK-based Clarkson, one of the world’s largest shipping companies, informed the public that it suffered a data breach and hackers may release some data [Read More]
Highly sensitive data belonging to the US Army Intelligence and Security Command (INSCOM) exposed due to unprotected AWS S3 bucket [Read More]
Bulletproof Coffee has sent out several payment card breach notifications in the past year. The company is having difficulties keeping hackers out [Read More]
Imgur rushes to notify users after learning that hackers stole data associated with at least 1.7 million accounts back in 2014 [Read More]
Secure email services provider ProtonMail introduces new encrypted contacts manager to help users protect their address book [Read More]
HP has promised to release patches for vulnerabilities found by researchers in some of the company’s printers [Read More]
The final version of the ‘OWASP Top 10 - 2017’ has been released, and CSRF and unvalidated redirects didn’t make the list [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Joshua Goldfarb's picture
Many organizations seem to focus almost entirely on technological solutions to tactical problems, rather than on strategically addressing how they can best and most efficiently protect data.
Lance Cottrell's picture
Passive Information Leakage (PIL) is one of the least known and most difficult forms of data lost to prevent, and is little understood, primarily because it cannot be addressed through conventional security practices.
Steven Grossman's picture
The challenge of data protection is not going away. Even without the ever-improving tactics of the bad guys, data sprawl has made it difficult for those just trying to do their jobs.
Jennifer Blatnik's picture
By taking what you know about security in the physical world and logically applying it to the virtual world, you can effectively protect your personal information.
Alastair Paterson's picture
What can U.S.-based companies do to prepare for the GDPR that is due to come into force in May 2018? These five steps can help.
Jennifer Blatnik's picture
Almost every industry can improve efficiencies with blockchain. But what will make blockchain a success is ultimately security.
Steven Grossman's picture
Organizations are increasingly combining UEBA technology with other data sources and analytics methods to overcome cyber risk challenges on a broader scale.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Erin O’Malley's picture
The CIA conducts extensive background investigations and requires polygraph examinations to gain a security clearance, yet a malicious insider apparently made off with a trove of secret CIA hacking tools.
Ashley Arbuckle's picture
The healthcare industry has a lot to gain by digital transformation. However it also has a lot to lose if it doesn’t start with security as a foundation.