Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

Fuzzing tests conducted by Synopsys customers show industrial protocols are the least mature and the most risky [Read More]
The UK government has announced its plans for a new Data Protection Bill to ensure that the United Kingdom retains its world-class regime protecting personal data. [Read More]
Microsoft finally announces decision on WoSign and StartCom certificates: new certificates issued after September 2017 will not be trusted [Read More]
Vulnerabilities found by a researcher in solar panels may allow hackers to disrupt power grids, but the affected vendor says his claims are greatly exaggerated [Read More]
A complaint filed with the Federal Trade Commission (FTC) alleges the popular free Virtual Private Network (VPN) service Hotspot Shield collects a large amount of data and intercepts user traffic. [Read More]
Researchers warn that hackers can abuse GitHub and other Git repo hosting services for stealthy attacks on software developers [Read More]
Following its agreement with Google, Symantec has decided to sell its certificate business to DigiCert for $950 million plus stock [Read More]
Bitdefender and Checkmarx publish reports describing vulnerabilities they found in popular Neo, VStarcam and Loftek IP cameras [Read More]
Interpol and Russian security firm Group-IB reveal the identities of alleged members of a pro-ISIS hacker group [Read More]
Researchers have shared details of an attack on an Amazon Echo that can compromise the device and listen to what users are saying to the device and much more. [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Lance Cottrell's picture
By surreptitiously monitoring and engaging with potential attackers and malware developers you can successfully gain information about emerging attack methods, patterns, and practices in the cyber underground.
Jim Ivers's picture
With the advent of connected devices, privacy and security have become tightly linked because theft of private data is often the goal of malicious attacks.
Jim Ivers's picture
Enlightened toy manufacturers likely begin to embrace the basic concepts of IoT security and build connected toys that can be trusted by parents.
Travis Greene's picture
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Erin O’Malley's picture
Today, we expect ultimate convenience. But at what cost? More and more, I’m left wondering whether modern conveniences—grâce à today’s advanced technologies—are truly worth the risk.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Jim Ivers's picture
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
David Holmes's picture
The portion of encrypted traffic keeps rising, so IT security administrators will be forced to do more SSL decryption if they are to get any value at all out of their fancy security tools.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
David Holmes's picture
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.