Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Dig Security’s latest financing comes as venture capital investors rush to place bets on startups jostling for space in the cloud data security space. [Read More]
Microsoft says its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform. [Read More]
Adobe has rolled out security fixes for at least 63 security vulnerabilities in a wide range of widely deployed Windows and macOS software products. [Read More]
Twitter's former security chief, Peiter Zatko said he tried to alert management to grave vulnerabilities to hacking or data theft, to no avail. [Read More]
Israeli startup Opus Security has banked $10 million in seed round funding to build technology for cloud security orchestration and remediation. [Read More]
Cloud data security company Theom has emerged from stealth mode with an oversubscribed $16 million seed funding round. [Read More]
Apple acknowledged the macOS zero-days in an advisory but did not share technical details or indicators of compromise to help defenders hunt for signs of infections. [Read More]
Microsoft security teams share details on ransomware attacks linked to DEV-0270, a subgroup of Iran-linked Phosphorus. [Read More]
Microsoft has identified four Iranian hacking groups that participated in a July 2022 cyberattack targeting the Albanian government. [Read More]
The U.S. government's CISA, NSA, and ODNI have released the first part of a three-part joint guidance series on securing the software supply chain. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Jim Gordon's picture
Individuals and security professionals should have a 360 mindset and know the actions needed to take in the pursuit of data protection and the preservation of privacy.
Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.