Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
40 US states have announced reaching a $16 million settlement with Experian and T-Mobile over data breaches suffered in 2012 and 2015. [Read More]
Redmond warns that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. [Read More]
The FTC has reached an agreement with education technology provider Chegg over the company’s cybersecurity mishaps that led to several data breaches. [Read More]
Bearer, Notebook Labs, and Protexxa, cybersecurity startups dealing with data security, web3 identity, and enterprise cyber hygiene, received a total of over $10 million in seed funding. [Read More]
Alcohol delivery app Drizly has agreed to tighten its data security and limit data collection to resolve federal regulators’ allegations that its security failures exposed the personal information of some 2.5 million customers. [Read More]
Two people whose personal information was compromised in a data breach at Rhode Island’s public bus service that affected about 22,000 people sued the agency and a health insurer on Tuesday seeking monetary damages and answers. [Read More]
Australian health insurer Medibank confirms personal and health information of all customers compromised in data breach. [Read More]
The Federal Trade Commission has announced a set of actions against online alcohol marketplace Drizly and its CEO, James Cory Rellas, over improper data security practices. [Read More]
The Australian health insurer says recent cyberattack impacts data of more customers than initially thought. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Jim Gordon's picture
Individuals and security professionals should have a 360 mindset and know the actions needed to take in the pursuit of data protection and the preservation of privacy.
Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.