
NEWS & INDUSTRY UPDATES

Facebook announces that its Data Abuse Bounty program now includes Instagram, and the company has invited some security researchers to test Instagram’s new Checkout feature.
Apple files copyright infringement lawsuit against Corellium for creating replicas of iOS that can be used as a security research tool for discovering vulnerabilities.
A survey of over 2,000 Americans shows that cybersecurity has become a political issue and most believe that cybersecurity should be a top priority for the government.
Facebook has paid hundreds of contractors to listen to and transcribe snippets of users' conversations, US media reported on Tuesday, amid heightened scrutiny of the social network's data collection practices.
Global privacy regulators joined forces Tuesday to demand guarantees from Facebook on how it will protect users' financial data when it launches its planned cryptocurrency, Libra.
U.S. Attorney General Bill Barr says increased encryption of data on phones and computers and encrypted messaging apps are putting American security at risk.
San Francisco-based privacy compliance and data protection firm TrustArc raises $70 million in a Series D funding round.
Marriott says it will fight a $123 million U.K. government fine related to its massive data breach.
UK data watchdog says it intends to fine British Airways £183.39 million ($230 million) for the 2018 data breach that impacted 500,000 of its customers.
Later this month, three years after federal agents raided Harold Martin's house, the case is scheduled to be resolved, but the identity of the Shadow Brokers will remain a public mystery.

FEATURES, INSIGHTS // Compliance

Jalal Bouhdada, Founder and Principal ICS Security Consultant at Applied Risk, discusses the implications of the new EU Directive on Security of Network and Information Systems (NIS)
Steven Grossman: Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Travis Greene: Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Steven Grossman: The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Travis Greene: To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Torsten George: To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George: The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin: U.S. tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Mark Hatton: The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg: With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.