Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel proposes strengthening rules around telecom providers’ reporting of data breaches. [Read More]
Apple ships iOS fix for a persistent HomeKit denial-of-service flaw but only after an independent researcher publicly criticized the company for ignoring his discovery. [Read More]
Mozilla fixes multiple high-severity vulnerabilities with the release of Firefox 96, Firefox ESR 91.5, and Thunderbird 91.5. [Read More]
Microsoft’s first batch of patches for 2022 cover at least 97 security flaws, including a critical HTTP Protocol Stack bug described as “wormable.” [Read More]
Research shows the “Great Resignation” phenomenon is accompanied by a “Great Exfiltration” as people leave their jobs and take company data with them. [Read More]
Celebrated cryptographer Moxie Marlinspike is stepping down as chief executive at Signal, the encrypted messaging app he created more than a decade ago. [Read More]
The non-profit group says companies that ship open-source code should do much more to help with security audits and fixes. [Read More]
The U.K.’s National Health Service warns that an unknown threat actor is successfully hitting vulnerable VMWare Horizon servers with Log4j exploits. [Read More]
Switzerland's army has banned the use of WhatsApp whilst on duty, a spokesman confirmed Thursday, in favour of a Swiss messaging service deemed more secure in terms of data protection. [Read More]
French regulators have hit Google and Facebook with 210 million euros ($237 million) in fines over their use of "cookies", the data used to track users online. [Read More]

FEATURES, INSIGHTS // Data Protection

rss icon

Alastair Paterson's picture
If it takes a whole village to raise a child, it takes a whole community of vendors and business partners to build a secure data environment.
Ellison Anne Williams's picture
Data in Use has become a point of least resistance for an attacker. There is a major industry need to recognize this lapse and close the gap in data security by protecting data while it is being used.
Gunter Ollmann's picture
DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.
Ellison Anne Williams's picture
Data protection schemes must recognize and secure data as it exists at all points in the processing lifecycle, whether at rest, in transit, or in use.
Torsten George's picture
By implementing the core pillars of GDPR, organizations can assure they meet the mandate’s requirements while strengthening their cyber security posture.
Laurence Pitt's picture
Failure to implement basic cybersecurity hygiene practices will leave retailers vulnerable to damage and fines during a lucrative time for their businesses.
Travis Greene's picture
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Preston Hogue's picture
Security teams should think about how company data might connect with data from other organizations or industries and how those combined data sets could be triangulated into a larger picture that ultimately puts you at risk.
Bradon Rogers's picture
While a contract, distributed, partner-oriented workforce and supply chain can create serious risks to your organization, careful implementation of visibility and data protection strategies can help you mitigate many of the risks.
Alastair Paterson's picture
While a boon to productivity, some of the most ubiquitous file sharing services across the Internet are also at the heart of a global problem – publicly exposed data.