Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

Facebook has announced a series of changes to its developer platform to implement tighter user privacy controls and limit how apps can access to user data. [Read More]
Facebook said it will overhaul its privacy settings tools to put users "more in control" of their information on the social media website. [Read More]
Mozilla's new "Facebook Container Extension" is a new browser extension designed to help Firefox users reduce the ability of Facebook to track their activity across other web sites. [Read More]
Christopher Wylie claims to have helped create data analysis company Cambridge Analytica before turning whistleblower and becoming "the face" of the crisis engulfing Facebook. [Read More]
The Federal Trade Commission (FTC) has opened an investigation into Facebook's privacy practices, another blow to the social network [Read More]
A snowballing Facebook scandal over the hijacking of personal data from millions of its users has many wondering whether it's time to restrict access to their Facebook information or even leave the social network altogether, [Read More]
Netflix launches public bug bounty program with rewards of up to $15,000, and Dropbox promises not to sue researchers [Read More]
"It is time. #deletefacebook," WhatsApp co-founder Brian Acton said in a tweet, using the hashtag protesting the handling of the crisis by the world's biggest social network. [Read More]
Russia's Supreme Court ruled the popular Telegram messenger app must provide the country's security services with encryption keys to read users' messaging data, agencies reported. [Read More]
Facebook shares plunged following revelations that a firm working for Donald Trump's presidential campaign harvested data on 50 million users, as analysts warned the social media giant's business model could be at risk. [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Erin O’Malley's picture
Today, we expect ultimate convenience. But at what cost? More and more, I’m left wondering whether modern conveniences—grâce à today’s advanced technologies—are truly worth the risk.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Jim Ivers's picture
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
David Holmes's picture
The portion of encrypted traffic keeps rising, so IT security administrators will be forced to do more SSL decryption if they are to get any value at all out of their fancy security tools.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
David Holmes's picture
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
Torsten George's picture
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin's picture
U.S tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Marcus Ranum's picture
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; Otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.