Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

Europe's top rights court on Sept. 5 restricted the ability of employers to snoop on their staff's private messages, in a landmark ruling with wide ramifications for privacy in the workplace. [Read More]
Lenovo settles FTC charges over the Superfish adware shipped with many of its laptops, but the company will not pay a fine [Read More]
Hackers are selling phone numbers and email addresses of millions of celebrities and other high profile Instagram users [Read More]
Details of thousands of U.S. military veterans and law enforcement officers looking for a job at an international security firm leaked online via unprotected AWS storage [Read More]
Europe's top human rights court is set to rule Tuesday whether bosses have the right to spy on employees who use company messaging systems, in a landmark decision for privacy in the work place. [Read More]
Vulnerabilities in PoS systems from SAP and other vendors allow hackers to steal payment card data and change prices [Read More]
Russia-linked Fancy Bear hackers leak emails and medical records on football (soccer) players caught using illegal substances [Read More]
Fuze patches several vulnerabilities discovered by Rapid7 in its online customer portal, including authentication, access control and data transmission issues [Read More]
Cisco adds end-to-end encryption, mobile device security for non-managed devices, and other capabilities to Spark collaboration platform [Read More]
Organizations reminded that ICANN will soon change the root zone key signing key (KSK) for the DNSSEC protocol [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
David Holmes's picture
In the initial hours after the Paris attacks by Islamic terrorists, when the PlayStation 4 rumor was first circulating, I decided to see exactly what kind of encryption the PS4 uses for its messaging system.
Torsten George's picture
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin's picture
U.S tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Marcus Ranum's picture
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; Otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
Adam Firestone's picture
The misconception that Internet privacy equals anonymity must be dispelled if cyberspace is to be a secure and safe place. At the same time, mechanisms must be incorporated to ensure that communications remain confidential and resistant to unauthorized alteration by third parties.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Tal Be'ery's picture
The Google-backed "Certificate Transparency" initiative has gained much momentum and may have a real chance to amend the battered Public-Key Infrastructure (PKI).
Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.