Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without needing access to the target's phone. [Read More]
Security researchers document vulnerabilities in AWS CloudFormation and AWS Glue that could be abused to leak sensitive files and access other customer’s data. [Read More]
Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel proposes strengthening rules around telecom providers’ reporting of data breaches. [Read More]
Microsoft’s first batch of patches for 2022 cover at least 97 security flaws, including a critical HTTP Protocol Stack bug described as “wormable.” [Read More]
Celebrated cryptographer Moxie Marlinspike is stepping down as chief executive at Signal, the encrypted messaging app he created more than a decade ago. [Read More]
The non-profit group says companies that ship open-source code should do much more to help with security audits and fixes. [Read More]
The U.K.’s National Health Service warns that an unknown threat actor is successfully hitting vulnerable VMWare Horizon servers with Log4j exploits. [Read More]
A judge said Thursday he will fine Cyber Ninjas, the contractor that led Arizona Republicans’ 2020 election review, $50,000 a day if the firm doesn’t immediately turn over public records related to the unprecedented inquiry. [Read More]
French regulators have hit Google and Facebook with 210 million euros ($237 million) in fines over their use of "cookies", the data used to track users online. [Read More]
Recorded Future snaps up SecurityTrails for a direct entry into the booming attack surface management business. [Read More]
- 1 of 86
- ››
FEATURES, INSIGHTS // Compliance
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Big companies can say they are GFPR compliant, but odds are their current structure will never allow them to find, identify, and categorize all the data that they have collected over time.
Despite the long ramp-up towards the GDPR compliance deadline, the effects of the new regulations are still very much in infancy.
GDPR is proving disruptive for European citizens who are no longer able to interact with services from outside the EU. And the compliance costs can be significant as well. But are there legitimate concerns of overreach?
Complying with GDPR was the immediate challenge, but now there is an opportunity to capture the good work that has been done and make data protection a top of mind focus for enterprises every day.
While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security.
With domain name WHOIS data subject to the GDPR’s privacy requirements, the system will “go dark” until alternative preparations are made, creating a challenge for this who fight computer fraud and other criminal activity on the Internet.
Penalties for non-compliance with GDPR will be severe. For example, if your organization fails to report a data breach within 72 hours, expect a fine.
- 1 of 8
- ››
Get the Daily Briefing
- Outlook Security Feature Bypass Allowed Sending Malicious Links
- Attack Surface Management Play Censys Scores $35M Investment
- French Ministry of Justice Targeted in Ransomware Attack
- Microsoft Saw Record-Breaking DDoS Attacks Exceeding 3 Tbps
- US Says National Water Supply 'Absolutely' Vulnerable to Hackers
- REvil Ransomware Operations Apparently Unaffected by Recent Arrests
- White House Publishes Federal Zero Trust Strategy
- Software Supply Chain Protection Startup Scribe Security Raises $7 Million
- VMware Warns of Log4j Attacks Targeting Horizon Servers
- QNAP Warns NAS Users of DeadBolt Ransomware Attacks
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy