Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

President Donald Trump has ordered a sweeping but unspecified ban on dealings with the Chinese owners of consumer apps TikTok and WeChat, although it remains unclear if he has the legal authority to actually ban the apps from the U.S. [Read More]
Microsoft will continue talks to acquire the US operations of popular video-sharing app TikTok, after meeting with President Donald Trump who seemingly backed off his earlier threats to ban the Chinese-owned platform. [Read More]
Roughly one month after senators introduced a “balanced” bill that would require tech companies to provide law enforcement with access to encrypted user data, a companion bill was introduced in the House of Representatives this week. [Read More]
Facebook is asking EU courts to review "exceptionally broad" requests by antitrust regulators there that would scoop up employees' personal information. [Read More]
Australia’s consumer watchdog launched court action against Google on Monday alleging the technology giant misled account holders about its use of their personal data. [Read More]
Data protection and privacy regulators from six countries around the world have sent a joint letter to video conferencing companies urging them to address security and privacy risks. [Read More]
Polymer announces its official launch with a solution that automatically detects and redacts sensitive data shared in popular collaboration tools such as Slack, Zoom and GitHub. [Read More]
Microsoft has unveiled new security capabilities for Microsoft 365 and Azure, along with a new Endpoint Data Loss Prevention solution. [Read More]
Germany's highest court on Friday said security services had too much unfettered access to people's online data and ordered legislation to be revised to set higher hurdles. [Read More]
Britain’s government on Tuesday backtracked on plans to give Chinese telecommunications company Huawei a limited role in the U.K.’s new high-speed mobile phone network in a decision with broad implications for relations between London and Beijing. [Read More]

FEATURES, INSIGHTS // Compliance

rss icon

Josh Lefkowitz's picture
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Justin Fier's picture
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Mike Fleck's picture
Big companies can say they are GFPR compliant, but odds are their current structure will never allow them to find, identify, and categorize all the data that they have collected over time.
Laurence Pitt's picture
Despite the long ramp-up towards the GDPR compliance deadline, the effects of the new regulations are still very much in infancy.
Travis Greene's picture
GDPR is proving disruptive for European citizens who are no longer able to interact with services from outside the EU. And the compliance costs can be significant as well. But are there legitimate concerns of overreach?
Bradon Rogers's picture
Complying with GDPR was the immediate challenge, but now there is an opportunity to capture the good work that has been done and make data protection a top of mind focus for enterprises every day.
Josh Lefkowitz's picture
While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security.
Alastair Paterson's picture
With domain name WHOIS data subject to the GDPR’s privacy requirements, the system will “go dark” until alternative preparations are made, creating a challenge for this who fight computer fraud and other criminal activity on the Internet.
Ashley Arbuckle's picture
Penalties for non-compliance with GDPR will be severe. For example, if your organization fails to report a data breach within 72 hours, expect a fine.