Security Experts:

Privacy & Compliance
long dotted

NEWS & INDUSTRY UPDATES

According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
A new EU law imposing stricter online regulation comes into effect Wednesday and the biggest platforms like Facebook and Google will have until February 17 to reveal their user numbers. [Read More]
Google is getting ready for the rollout of Android Privacy Sandbox, a new feature meant to provide more private advertising on mobile devices. [Read More]
Bishop Fox has raised more than $154 million in lifetime funding to build and market technology for continuous attack surface management. [Read More]
Google has agreed to a $391.5 million settlement with 40 states in connection with an investigation into how the company tracked users’ locations. [Read More]
Compliance platform Laika has raised $50 million in Series C funding round led by Fin Capital. [Read More]
VMware slapped a critical-severity rating on the bulletin and warned that three of the patched flaws are marked with a CVSS severity score of 9.8/10. [Read More]
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
Redmond warns that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. [Read More]
Web scraping is a sensitive issue. Should a third party be allowed to visit a website and use automated tools to gather and store information at scale from that website? What if that information includes personal data? What does the law say? Can it be prevented? [Read More]

FEATURES, INSIGHTS // Privacy & Compliance

rss icon

Gordon Lawson's picture
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Gordon Lawson's picture
While obscurity is an offensive tool for attackers, it also represents a defensive measure for organizations. Let’s consider the benefits of concealing network infrastructure and activity from the outside world to reduce the enterprise attack surface.
Preston Hogue's picture
There is a dawning realization of the potential danger posed by algorithms, written by humans to steer other humans.
Preston Hogue's picture
Everywhere you go, you cast a shadow of data that, taken together, reveals who you are, what you like to do, your habits, your addictions.
Alastair Paterson's picture
For companies based in the U.S. with customers and files in many different countries, reconciling conflicting practices and laws is likely to remain a serious headache for years to come.
Jim Gordon's picture
Individuals and security professionals should have a 360 mindset and know the actions needed to take in the pursuit of data protection and the preservation of privacy.
David Holmes's picture
Architects and IT security teams are looking for technology evolutions to help them manage real problems in endpoint storage and messaging.
Josh Lefkowitz's picture
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Laurence Pitt's picture
In the coming years the data protection and privacy landscape will change dramatically, improving the experience for us as individuals but potentially making things more complex for businesses.
Alastair Paterson's picture
With more legislation expected, every company should ensure they have a robust framework in place along with strong data mapping capabilities.