Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

Each year, the Electronic Frontier Foundation (EFF) publishes an annual 'Who Has Your Back' analysis of the basic privacy policy of major online service providers. [Read More]
WikiLeaks releases documents describing HighRise, and Android malware used by the CIA to intercept SMS messages [Read More]
Human error led to the personal details of millions of Verizon customers being exposed online, but the telecoms giant has downplayed the incident [Read More]
Apple establishes first data center in China to comply with new cybersecurity law, but promises not to build any backdoors into its systems [Read More]
While the Payment Services Directive 2 (PSD2) regulation is European in origin, American and other global banks should not -- and perhaps cannot -- ignore it. [Read More]
Google warns websites using WoSign and StartCom certificates - they will no longer be trusted by Chrome starting in September [Read More]
A group of security researchers proposes a real-time inversion attack against the GMR-2 stream cipher used in satellite phone communication, claiming it is much more efficient than previously devised attacks. [Read More]
A new report focusing on Europe's General Data Protection Regulation (GDPR) preparedness shows a worrying disconnect between Business and Security. [Read More]
Kaspersky releases source code of Bitscout, a compact and customizable tool designed for remote digital forensics [Read More]
Windows 10 users who haven’t installed the Creators Update will soon be notified to review their privacy settings and to install the latest feature update to remain secure, Microsoft announced. [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Torsten George's picture
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin's picture
U.S tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Marcus Ranum's picture
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; Otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
Adam Firestone's picture
The misconception that Internet privacy equals anonymity must be dispelled if cyberspace is to be a secure and safe place. At the same time, mechanisms must be incorporated to ensure that communications remain confidential and resistant to unauthorized alteration by third parties.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Tal Be'ery's picture
The Google-backed "Certificate Transparency" initiative has gained much momentum and may have a real chance to amend the battered Public-Key Infrastructure (PKI).
Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.
Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Chris Coleman's picture
The events that occurred in 2013 will forever be reflected in the Internet DNA of the future, and how the cyber security market evolves to accommodate that future.