Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

As governments race to develop mobile tracing apps to help contain infections, attention is turning to how officials will ensure users’ privacy. [Read More]
New rules require critical information infrastructure operators in China to conduct cybersecurity reviews when purchasing tech products and services. [Read More]
Twitter will not be allowed to disclose more information on national security requests after the U.S. government convinced a judge that the disclosure of such information could harm national security. [Read More]
Google and Apple are developing a coronavirus smartphone "contact tracing" tool that could potentially alert people when they have crossed paths with an infected person. [Read More]
Data privacy company Privitar has raised $80 million in a Series C funding round led by Warburg Pincus. [Read More]
Zoom has promised to improve security and privacy, but an increasing number of organizations have decided to ban the video conferencing application. [Read More]
WhatsApp on Tuesday placed new limits on message forwarding as part of an effort to curb the spread of misinformation about the coronavirus pandemic. [Read More]
The popular digital wallet application Key Ring recently exposed information belonging to millions of its users. [Read More]
Researchers noticed that the keys used to encrypt and decrypt Zoom meetings may be sent to servers in China, even if the meeting participants are located in other countries. [Read More]
A class action lawsuit has been filed against Marriott over the recently disclosed data breach that impacted as many as 5.2 million customers. [Read More]

FEATURES, INSIGHTS // Compliance

rss icon

Jalal Bouhdada's picture
Jalal Bouhdada, Founder and Principal ICS Security Consultant at Applied Risk, discusses the implications of the new EU Directive on Security of Network and Information Systems (NIS)
Steven Grossman's picture
Why do we seem to need layer upon layer of regulation and guidance to try to ensure a more secure business world? Is it working?
Travis Greene's picture
Reducing the amount of personal data subject to GDPR is a critical step towards minimizing the amount of risk that GDPR will expose.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Torsten George's picture
To achieve continuous compliance and monitoring, organizations are forced to automate many otherwise manual, labor-intensive tasks.
Torsten George's picture
The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
James McFarlin's picture
U.S tech giants are playing a game of high-stakes global brinksmanship around who has rights to control their data, which impacts their European growth prospects, business models, and ultimately stock valuations.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg's picture
With the release of PCI-DSS 3.0, organizations have a framework for payment security as part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and security as a shared responsibility.