Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

Study conducted by Accenture and AMA shows that a majority of physicians in the US have experienced a cybersecurity incident, including phishing, malware and inappropriate access by insiders [Read More]
After getting complaints from developers, Google is evaluating whether it should continue allowing innovative use of accessibility services by Android apps [Read More]
Microsoft used the same certificate for all instances of its Dynamics 365 ERP product and it took more than 100 days to take action, but the company claims the issue posed little risk [Read More]
Synaptics touchpad driver present on hundreds of HP laptops includes keylogging functionality. Patches available for a majority of affected devices [Read More]
New functionality added by Onapsis to its security platform allows SAP customers to check if they are GDPR-compliant [Read More]
NIST publishes second draft of the Framework for Improving Critical Infrastructure Cybersecurity [Read More]
The most common infiltration and exfiltration methods used by attackers are successful much of the time, according to SafeBreach’s latest Hacker’s Playbook report [Read More]
ICS-CERT provides solid advice on updating antiviruses in industrial control systems, but it’s not practical and organizations should not believe AVs are enough [Read More]
Google is stepping up the fight against unwanted and harmful applications on Android and will soon start alerting users on apps and websites leading to apps that collect personal data without their consent. [Read More]
DHS memo claims China-based drone maker DJI is sending data on U.S. critical infrastructure and law enforcement to the Chinese government [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Alastair Paterson's picture
What can U.S.-based companies do to prepare for the GDPR that is due to come into force in May 2018? These five steps can help.
Jennifer Blatnik's picture
Protecting this data is a necessity as more and more consumers are voluntarily offering up their rights to security or privacy in search for convenience.
Steven Grossman's picture
Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Lance Cottrell's picture
By surreptitiously monitoring and engaging with potential attackers and malware developers you can successfully gain information about emerging attack methods, patterns, and practices in the cyber underground.
Jim Ivers's picture
With the advent of connected devices, privacy and security have become tightly linked because theft of private data is often the goal of malicious attacks.
Jim Ivers's picture
Enlightened toy manufacturers likely begin to embrace the basic concepts of IoT security and build connected toys that can be trusted by parents.
Travis Greene's picture
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Erin O’Malley's picture
Today, we expect ultimate convenience. But at what cost? More and more, I’m left wondering whether modern conveniences—grâce à today’s advanced technologies—are truly worth the risk.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Jim Ivers's picture
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.