Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Study conducted by Accenture and AMA shows that a majority of physicians in the US have experienced a cybersecurity incident, including phishing, malware and inappropriate access by insiders [Read More]
After getting complaints from developers, Google is evaluating whether it should continue allowing innovative use of accessibility services by Android apps [Read More]
Microsoft used the same certificate for all instances of its Dynamics 365 ERP product and it took more than 100 days to take action, but the company claims the issue posed little risk [Read More]
New functionality added by Onapsis to its security platform allows SAP customers to check if they are GDPR-compliant [Read More]
NIST publishes second draft of the Framework for Improving Critical Infrastructure Cybersecurity [Read More]
ICS-CERT provides solid advice on updating antiviruses in industrial control systems, but it’s not practical and organizations should not believe AVs are enough [Read More]
DHS memo claims China-based drone maker DJI is sending data on U.S. critical infrastructure and law enforcement to the Chinese government [Read More]
PayPal suspends operations of its subsidiary TIO Networks after the discovery of a data breach that affects 1.6 million customers [Read More]
From raising $30 million in 30 seconds to being endorsed by Paris Hilton or vanishing into thin air: anything is possible in the risky new world of cryptocurrency fundraising, but regulators are lurking. [Read More]
The chairpersons of the House Science, Space, and Technology Committee and the House Oversight and Government Reform Committee on Monday sent a new letter (PDF) to Paulino Barros, the interim CEO of Equifax. [Read More]

FEATURES, INSIGHTS // Compliance

rss icon

Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Chris Hinkley's picture
For security professionals, PCI DSS 3.0 means that PCI compliance will become more of an everyday business practice, rather than an annual checklist obligation.
Chris Hinkley's picture
Compliance is a byproduct of a solid security program – but that doesn’t mean it’s simple. Compliance can involve technical architecture and operational processes that many organizations simply don’t understand or don’t want to bother with.
Gant Redmon's picture
The CSO is so critical for the CPO’s success that I guarantee that if you send this article to your CPO, they will take you out for a free lunch the next day.
Nick Cavalancia's picture
In the era of the public cloud, when employees are frequently using consumerized applications to share and store data, it's time for security and risk professionals to adopt a new security thought paradigm that focuses on the insider threat that employees create, not solely on protecting data itself.
Jon-Louis Heimerl's picture
The Omnibus Rule that updated the Health Insurance Portability and Accountability Act (HIPAA) has the potential to be a game changer because of the things it says in writing, as well as some of the things that it doesn’t say.
Dr. Mike Lloyd's picture
2012 was an interesting year in security – publicity around breaches led to greater awareness than we’ve seen in years, encouraging many in the Federal sector to look into our corner of IT. So what will happen in IT Security 2013?
Dr. Mike Lloyd's picture
Santa doesn’t care if you were naughty or nice on Christmas Eve – what matters is how you did all year. Security is much the same.
Gant Redmon's picture
You can have security without privacy, but you cannot have privacy without security. To have privacy, you must have security to protect things you wish not to share from those who are interested...
Gant Redmon's picture
Data breach notification laws are confusing and ever changing. Legislators trying to harmonize all the different state breach notification laws are going to have three big political challenges.