Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Google has rolled out a new type of multi-party computation (MPC) to help organizations better collaborate with confidential data sets. [Read More]
MongoDB 4.2 offers new features including distributed transactions, an updated Kubernetes Operator, and client-side field level encryption. [Read More]
Senator Ron Wyden has asked NIST to publish a guide recommending secure data sharing methods to replace the classic and insecure password-protected ZIP files. [Read More]
Researcher Dan Salmon posted more than 7 million new transactions scraped from Venmo onto GitHub. [Read More]
Fireblocks, a blockchain security provider, has emerged from stealth after closing a $16 million Series A funding round from Cyberstarts, Tenaya Capital, Eight Roads (investment arm of Fidelity), Swisscom Ventures and MState. [Read More]
Customs and Border Protection says photos of travelers and license plates collected at a single U.S. border point have been exposed in a malicious cyberattack in what a leading congressman called a “major privacy breach.” [Read More]
The new Federal Data Strategy changing the way U.S. Government agencies use data to improve operations and deliver services as well as making it easier for citizens and businesses to access and use data to spur the economy. [Read More]
macOS 10.15 Catalina brings several security-related improvements, including an enhanced Gatekeeper, a dedicated read-only volume for the OS, data protections, and support for Activation Lock. [Read More]
Apple announces “Sign in with Apple,” a new authentication system advertised as fast, secure and privacy friendly, but some experts are skeptical. [Read More]
A breach at billing collections service provider American Medical Collection Agency (AMCA) could impact many of its customers. One victim is Quest Diagnostics and 12 million of its patients. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
Alastair Paterson's picture
While a boon to productivity, some of the most ubiquitous file sharing services across the Internet are also at the heart of a global problem – publicly exposed data.
Jim Ivers's picture
More vulnerabilities create more attacks; more attacks breed additional fatigue. So how can we wake up and fix the problems creating such a widespread headache?