The Trump administration has launched a public awareness campaign, spearheaded by the National Counterintelligence and Security Center, urging the U.S. private sector to better defend itself against nation-state hackers and others who may be trying to steal their sensitive data or wage supply chain attacks.
2018 went down in cybersecurity history as the year of the data breach. While a majority of these breaches were the results of hacking and malware, one in four breaches are the result of unintentional disclosure of data by an employee. This is why most security professionals are aware that it is a matter of when - not...
What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.
Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
The 10th annual IRISSCERT Cyber Crime Conference, to be held Thursday in Dublin, promises to round up crime trends and also offer updates on incident response lessons learned, spam fighting and even cybersecurity essentials for children.
Creating a cybersecurity incident response plan is a fundamental requirement of any cybersecurity program - and a requirement of many global regulations, including GDPR and PCI DSS. During this workshop, Troutman Sanders partner Ron Raether will discuss the benefits of table top exercises. He then will explain how to...
How Susceptible are Users to Active Threats?
With phishing still the #1 entry point for cyber-attacks, your defenses need to focus on the most pressing threats: active phishing campaigns that are probing your healthcare organization.
This report breaks down the Top 10 threats, with metrics showing how well users...
To comply with GDPR, Facebook has notified Ireland's data privacy watchdog about the massive breach it has suffered, resulting in 50 million accounts being exposed. But Irish authorities have signaled that Facebook has failed to share all of the information they would have expected to see.
Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.
The latest edition of the ISMG Security Report features an analysis of a new Government Accountability Office report on the causes of last year's massive Equifax breach. Also: An update on the role of tokenization in protecting payments.
On May 25, 2018, per the General Data Protection Regulation (GDPR), organizations with business ties to the European Union needed to comply to GDPR standards. The cost of non-compliance are stiff fines. The GDPR contains nearly 100 separate and nuanced articles that can be difficult to understand even if you are a...
Under the EU's General Data Protection Regulation, within 72 hours of an organization learning about the data breach, it must report the breach to relevant authorities or face fines. The U.K.'s data privacy watchdog says it's already seen the volume of self-reported breaches quadruple.
A Spanish consumer rights organization says telecommunications company Telefónica has fixed an elementary security error in its Movistar website that potentially exposed billing invoices for millions of customers. Telefónica says it hasn't detected fraudulent use of the data.