Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Researchers have found additional Dragonblood vulnerabilities in the WPA3 protocol and it only takes $1 worth of AWS computing power to obtain the password of a Wi-Fi network. [Read More]
Misconfiguration in JIRA project management software results in thousands of companies’ filters, dashboards and staff data being publicly exposed. [Read More]
An unprotected, internet accessible ElasticSearch database exposed 40GB of sensitive data from Honda Motor Company, containing technical details on employee computers, including its CEO, [Read More]
The FTC told consumers affected by the Equifax data breach that they are unlikely to get the full $125 cash payment that many sought. [Read More]
One of the country's biggest credit card issuers, Capital One Financial, is the latest big business to be hit by a data breach, disclosing that roughly 100 million people had some personal information stolen by a hacker. [Read More]
New York state is strengthening a law requiring companies that handle consumers' personal data to notify them about any data breaches. [Read More]
Robinhood, the company behind the popular stock trading app, informed some users that their passwords were stored in clear text. [Read More]
U.S. Attorney General Bill Barr says increased encryption of data on phones and computers and encrypted messaging apps are putting American security at risk. [Read More]
Information system security controls at the IRS require further improvements, a new report from the United States Government Accountability Office (GAO) reveals. [Read More]
The Czech unit of telecoms giant Huawei secretly collected personal data of customers, officials and business partners, Czech public radio reported Monday, fanning concerns about security risks linked to the Chinese group. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
Alastair Paterson's picture
While a boon to productivity, some of the most ubiquitous file sharing services across the Internet are also at the heart of a global problem – publicly exposed data.