NEWS & INDUSTRY UPDATES

Vietnamese lawmakers on Tuesday approved a sweeping cyber security law which could compel Facebook and Google to take down critical posts within 24 hours, as space for debate is crushed inside the Communist country.
IBM adds two new features to its MaaS360 with Watson unified endpoint management (UEM) product: Business Dashboards for Apps and Policy Recommendation Engine.
The State Department, the Department of Homeland Security, the Department of Commerce, and the Office of Management and Budget issue reports in response to the 2017 cybersecurity executive order.
US Commerce Secretary Wilbur Ross warned that the new EU privacy rules (GDPR) in effect since last week could lead to serious problems for business, medical research and law enforcement on both sides of the Atlantic.
The difficulty with the email problem is that it doesn't lend itself to a traditional rules-based solution -- email is used too frequently, too easily, with too many subjects and to too many people.
The European Union's new data protection laws came into effect on Friday, with Brussels saying the changes will protect consumers from being like "people naked in an aquarium".
Senator Ron Wyden instructs the U.S. Department of Defense (DoD) to implement HTTPS and other cybersecurity best practices on all its websites and web services.
Slack releases goSDL, an open source secure development lifecycle (SDL) tool designed to provide developers a tailored security checklist for their projects.
Twitter no longer allows Kaspersky Lab to place advertisements on its platform, apparently over the security firm’s alleged ties to Russian intelligence.
Industrial Internet Consortium (IIC) develops new IoT Security Maturity Model (SMM), building on its own security framework and reference architecture.

FEATURES, INSIGHTS // Compliance

Laurence Pitt: Despite the long ramp-up towards the GDPR compliance deadline, the effects of the new regulations are still very much in their infancy.
Travis Greene: GDPR is proving disruptive for European citizens who are no longer able to interact with services from outside the EU. And the compliance costs can be significant as well. But are there legitimate concerns of overreach?
Bradon Rogers: Complying with GDPR was the immediate challenge, but now there is an opportunity to capture the good work that has been done and make data protection a top-of-mind focus for enterprises every day.
Josh Lefkowitz: While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security.
Alastair Paterson: With domain name WHOIS data subject to the GDPR’s privacy requirements, the system will “go dark” until alternative preparations are made, creating a challenge for those who fight computer fraud and other criminal activity on the Internet.
Ashley Arbuckle: Penalties for non-compliance with GDPR will be severe. For example, if your organization fails to report a data breach within 72 hours, expect a fine.
Jalal Bouhdada, Founder and Principal ICS Security Consultant at Applied Risk, discusses the implications of the new EU Directive on Security of Network and Information Systems (NIS).
Steven Grossman: Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Travis Greene: Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Steven Grossman: The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.