Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Norway's health authorities have suspended an app designed to help trace the spread of the new coronavirus after the national data protection agency said it was too invasive of privacy. [Read More]
United States House representatives last week sent a letter to Zoom to demand explanation for the communication platform’s decision to close the accounts of U.S.-based Chinese activists. [Read More]
Twitter on Friday announced that it took down more than 30,000 accounts pertaining to three networks associated with China, Turkey, and Russia state-linked manipulation activities. [Read More]
Data discovery, privacy and security provider 1touch.io has secured $14 million in Series A funding, which will help it boost R&D and field presence. [Read More]
A newly introduced bipartisan bill seeks to provide individuals with increased control over the sharing of data with services designed to notify them if they have been exposed to the COVID-19 coronavirus. [Read More]
The US state of Arizona filed a lawsuit Wednesday accusing Google of committing fraud by being deceptive about gathering location data. [Read More]
Democrats abandon vote on the reauthorization of government surveillance programs following opposition from President Trump and the Justice Department. [Read More]
France's privacy watchdog gave the green light Tuesday to a government-backed cellphone app that will alert users if they have been in contact with an infected person. [Read More]
US lawmakers this week will vote on an amendment to the surveillance bill known as the USA FREEDOM Reauthorization Act that would limit law enforcement access to people’s search and browsing histories. [Read More]
The FTC has approved a settlement with Canadian smart lock maker Tapplock, which allegedly falsely claimed that its devices were designed to be “unbreakable.” [Read More]

FEATURES, INSIGHTS // Compliance

rss icon

Jalal Bouhdada's picture
Jalal Bouhdada, Founder and Principal ICS Security Consultant at Applied Risk, discusses the implications of the new EU Directive on Security of Network and Information Systems (NIS)
Steven Grossman's picture
Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Travis Greene's picture
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Torsten George's picture
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin's picture
U.S tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.