NEWS & INDUSTRY UPDATES

A new Senate report highlights the decade-long failure of several federal agencies to secure their systems and protect sensitive and personal information.
Google is making web browsing with Chrome safer with a new option for reporting suspicious websites and a new warning mechanism for sites that use deceptive URLs.
San Francisco, CA-based Aptible has raised $12 million in a Series A funding round led by Maverick Capital, with additional investors Thrive Capital and Western Technology Investment.
Some U.S. government agencies still rely on knowledge-based identity verification despite the fact that the OPM and Equifax breaches have made this system insecure.
Facebook on Tuesday launched an app that will pay users to share information with the social media giant about which apps they’re using.
Facebook said it would cut off Huawei from its popular social networking apps to comply with US sanctions, further isolating the Chinese tech giant considered a national security threat by Washington.
Privacy-focused ProtonMail has been accused of voluntarily helping law enforcement spy on users, but the company has denied the accusations.
New York State Department of Financial Services (DFS) launches a new cybersecurity division whose role is to protect consumers and financial organizations from cyber threats.
Huawei has promised to continue delivering Android security updates to existing phones and tablets after Google suspended business with the Chinese company.
An Israeli spyware company named in a Financial Times report on a WhatsApp security flaw prides itself on "rigorous, ethical standards" despite previous links to alleged espionage.

FEATURES, INSIGHTS // Compliance

Jalal Bouhdada, Founder and Principal ICS Security Consultant at Applied Risk, discusses the implications of the new EU Directive on Security of Network and Information Systems (NIS)
Steven Grossman: Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Travis Greene: Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Steven Grossman: The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Travis Greene: To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Torsten George: To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George: The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin: U.S. tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Mark Hatton: The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg: With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.