Security Experts:



A GDPR enforcement notice to Canadian firm AggregateIQ Data Services Ltd (AIQ) will show how the courts view the extension of European regulations beyond the borders of the European Union.
Symantec completes accounting audit that caused shares to drop over 30%. Investigation uncovered some issues, but there is only one transaction that impacts financial statements
Altaba, formerly known as Yahoo, has agreed to settle consumer class action lawsuits triggered by the massive data breaches suffered by the company for $47 million
Nearly one-third of data breaches resulted in someone losing their job, and in North America the C-Suite is most likely to be blamed for a breach
U.S. Senators send letter to State Department asking about its use of multi-factor authentication and other cybersecurity practices
It took Equifax 76 days to detect the massive data breach in 2017, despite the attackers running 9,000 unauthorized queries on its databases, according to a GAO report
Google will introduce a new verification program for tech support ads in an effort to keep scams off its advertising platform
The timely delivery of security updates for Android smartphones is a highly important defense-in-depth strategy, Google says
Companies are preparing for what some say is the wave of the future: laws requiring businesses to be up-front with customers about how they use personal information.
More than half of 500 federal employees surveyed admitted to experiencing a cybersecurity incident after implementing a new digital initiative, while almost half of those said that the incident delayed future innovation.



Travis Greene: Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Steven Grossman: The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Travis Greene: To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Torsten George: To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George: The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin: U.S. tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Mark Hatton: The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg: With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
Mark Hatton: Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Chris Hinkley: For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.