Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The Microsoft Patch Tuesday train for October rolled in with fixes for at least 71 Windows security defects and an urgent warning about a newly discovered zero-day cyberespionage campaign. [Read More]
Full video of panel discussion from SecurityWeek's 2021 CISO Forum on navigating software bill of materials (SBOM) and supply chain security transparency. [Read More]
Mondoo plans to use the new funding to accelerate development of its cloud-native platform to provide developers with automated risk assessments. [Read More]
The initiative aims to establish standardization and consistency across cloud platforms, to protect the interests of cloud services organizations, and ensure human rights standards. [Read More]
Private equity firm Symphony Technology Group announced the merger of McAfee Enterprise and the newly acquired FireEye Products into a single pure-play cybersecurity company. [Read More]
Mariana Trench is an open-source tool that Facebook's security team has used internally to identify vulnerabilities in Android and Java applications. [Read More]
Akamai adds new capabilities to help customers thwart ransomware attacks by blocking the spread of malware within an already-compromised enterprise. [Read More]
The newly discovered Tomiris backdoor contains technical artifacts that suggest the possibility of common authorship or shared development practices with the group that executed the SolarWinds supply chain compromise. [Read More]
CISA is telling organizations to patch their Hikvision cameras, just as the FCC announced taking steps toward removing Chinese equipment from U.S. networks. [Read More]
Cowbell Cyber aims to fill a gap in the cyber-insurance ecosystem with products that continuously monitor customers systems to find weaknesses that can be fixed so that insurance can be offered with greater confidence. [Read More]

FEATURES, INSIGHTS // Compliance

rss icon

Josh Lefkowitz's picture
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Justin Fier's picture
Over time, holding people responsible will lead individuals to see how their actions impact the security of the organization and come to consider themselves responsible for the security of the company.
Mike Fleck's picture
Big companies can say they are GFPR compliant, but odds are their current structure will never allow them to find, identify, and categorize all the data that they have collected over time.
Laurence Pitt's picture
Despite the long ramp-up towards the GDPR compliance deadline, the effects of the new regulations are still very much in infancy.
Travis Greene's picture
GDPR is proving disruptive for European citizens who are no longer able to interact with services from outside the EU. And the compliance costs can be significant as well. But are there legitimate concerns of overreach?
Bradon Rogers's picture
Complying with GDPR was the immediate challenge, but now there is an opportunity to capture the good work that has been done and make data protection a top of mind focus for enterprises every day.
Josh Lefkowitz's picture
While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security.
Alastair Paterson's picture
With domain name WHOIS data subject to the GDPR’s privacy requirements, the system will “go dark” until alternative preparations are made, creating a challenge for this who fight computer fraud and other criminal activity on the Internet.
Ashley Arbuckle's picture
Penalties for non-compliance with GDPR will be severe. For example, if your organization fails to report a data breach within 72 hours, expect a fine.