Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

Kaspersky shares more details from its investigation into reports that Russian hackers stole NSA data using its software [Read More]
Two major financial services and regulated industry compliance firms, Smarsh and Actiance, have combined to better serve industry's increasingly complex requirements around communications, archiving and discovery regulations. [Read More]
Following an increase in Android malware and adware abusing accessibility services, Google decides to crack down on apps that misuse the feature [Read More]
A critical vulnerability (CVE-2017-16541) that could reveal a Tor user’s IP address was addressed over the weekend in the privacy-focused web browser. [Read More]
Savitech drivers used by several companies that provide specialized audio products expose PCs to attacks by installing a new root certificate [Read More]
The average enterprise now uses 1,232 cloud apps (up 33% from the second half of last year), while CIOs still believe their organizations use between just 30 and 40 cloud apps and services. [Read More]
Signal, a popular secure messaging application, is now available for Windows, macOS, and Linux computers as a standalone program. [Read More]
Hilton agrees to pay $700,000 in a settlement with New York and Vermont over the credit card breaches suffered by the company in 2014 and 2015 [Read More]
Any U.S. company that operates a website that collects user information (a log-in form, or perhaps a subscription application) could unwittingly collect protected European PII. [Read More]
DigiCert addresses the concerns raised by Mozilla and others regarding its acquisition of Symantec’s certificate business [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Alastair Paterson's picture
What can U.S.-based companies do to prepare for the GDPR that is due to come into force in May 2018? These five steps can help.
Jennifer Blatnik's picture
Protecting this data is a necessity as more and more consumers are voluntarily offering up their rights to security or privacy in search for convenience.
Steven Grossman's picture
Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Lance Cottrell's picture
By surreptitiously monitoring and engaging with potential attackers and malware developers you can successfully gain information about emerging attack methods, patterns, and practices in the cyber underground.
Jim Ivers's picture
With the advent of connected devices, privacy and security have become tightly linked because theft of private data is often the goal of malicious attacks.
Jim Ivers's picture
Enlightened toy manufacturers likely begin to embrace the basic concepts of IoT security and build connected toys that can be trusted by parents.
Travis Greene's picture
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Erin O’Malley's picture
Today, we expect ultimate convenience. But at what cost? More and more, I’m left wondering whether modern conveniences—grâce à today’s advanced technologies—are truly worth the risk.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Jim Ivers's picture
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.