Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Super Micro says it has conducted a thorough investigation following the recent Bloomberg report, but claims it has found “absolutely no evidence of malicious hardware” on its motherboards. [Read More]
A new class action lawsuit filed against Marriott following the massive data breach alleges that the hotel giant still exposes customer information. [Read More]
Attorneys General from 12 states announce that the first multistate HIPAA-related data breach lawsuit has been filed against Medical Informatics Engineering and NoMoreClipboard after they allowed hackers to steal the information of 3.9 million individuals. [Read More]
Several lawsuits filed against Marriott after the company disclosed a data breach impacting 500 million Starwood customers. [Read More]
Appeals court upholds the U.S. government’s ban on Kaspersky Lab software, rejecting claims that the decision is an unconstitutional legislative punishment. [Read More]
Seven European consumer groups filed complaints against Google with national regulators Tuesday, accusing the internet giant of covertly tracking users' movements in violation of an EU regulation on data protection [Read More]
British MP claims Facebook knew about potentially malicious Russian activity in 2014, long before such activity becomes public, during a parliamentary hearing where international lawmakers grilled the company [Read More]
Uber has been fined the equivalent of nearly $1.2 million by British and Dutch authorities for failing to protect customers’ data during a cyberattack in 2016 [Read More]
The Commerce Department said in proposed rules that it would consider curbs on various AI technologies such as neural networks and deep learning, computer vision, natural language processing and audio and video manipulation. [Read More]
U.S. Office of Personnel Management (OPM) has improved its security posture since the data breaches disclosed in 2015, but many issues are still unresolved, GAO says in a report [Read More]

FEATURES, INSIGHTS // Compliance

rss icon

Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Justin Fier's picture
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Mike Fleck's picture
Big companies can say they are GFPR compliant, but odds are their current structure will never allow them to find, identify, and categorize all the data that they have collected over time.
Laurence Pitt's picture
Despite the long ramp-up towards the GDPR compliance deadline, the effects of the new regulations are still very much in infancy.
Travis Greene's picture
GDPR is proving disruptive for European citizens who are no longer able to interact with services from outside the EU. And the compliance costs can be significant as well. But are there legitimate concerns of overreach?
Bradon Rogers's picture
Complying with GDPR was the immediate challenge, but now there is an opportunity to capture the good work that has been done and make data protection a top of mind focus for enterprises every day.
Josh Lefkowitz's picture
While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security.
Alastair Paterson's picture
With domain name WHOIS data subject to the GDPR’s privacy requirements, the system will “go dark” until alternative preparations are made, creating a challenge for this who fight computer fraud and other criminal activity on the Internet.
Ashley Arbuckle's picture
Penalties for non-compliance with GDPR will be severe. For example, if your organization fails to report a data breach within 72 hours, expect a fine.
Jalal Bouhdada's picture
Jalal Bouhdada, Founder and Principal ICS Security Consultant at Applied Risk, discusses the implications of the new EU Directive on Security of Network and Information Systems (NIS)