The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks. Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology.
While CCPA has drawn the biggest headlines when it comes to new U.S. privacy laws, businesses and consumers should also take notice of New York's SHIELD Act, which goes into effect in March 2020. The law is expected to have impact on Wall Street firms and other financial institutions headquartered in the state.
Seattle-based smart home device maker Wyze says an error by a developer exposed a database to the internet over a three-week period earlier this month. The data included customer emails, nicknames of online cameras, WiFi SSIDs, device information and Alexa tokens.
Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens. The government bans rival offerings.
The latest edition of the ISMG Security Report offers an in-depth analysis of whether Instagram is doing enough to protect the contact information of minors. Plus: Compliance updates on GDPR and PCI DSS.
In today's digital environment, protecting sensitive information and sales transaction data is of critical importance. Tim Horton of First Data explains the concept of "devaluing" data so it's worthless in the event of a breach.
Microsoft will apply the core rights of the California Consumer Privacy Act across all its customers in the U.S., which could nudge other technology companies in the same direction as online privacy becomes an increasing concern. The move is significant in that the technology industry has lobbied against parts of the...
Data privacy discussions must focus not just on collecting, storing and securing data, but also the impetus for doing so - and whether it is being done in an ethical manner, says consultant Thom Lagford, a former CISO, who addresses GDPR compliance issues.
Lastminute.com is a worldwide travel company that helps customers in 40 countries search and book travel related products and services. The company operates a portfolio of well-known brands, each with a consumer website in multiple languages and its own security and performance needs. Their total combined traffic...
Twitter apologized on Tuesday for repurposing phone numbers provided by users for security features for use in targeted advertising, claiming the move was a mistake. Earlier, Facebook was reprimanded for a similar practice.
Users are often lax about their own passwords to the dismay of many employers and organizations they transact with. Strong authentication is critical and organizations must be careful about security measures for their online customer transaction accounts - but when users become too frustrated during the login process...
In today's shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors?
This session will outline the keys to third-party risk management success through a modern approach to monitoring...
Europe's top court has ruled that Google does not have to remove links to sensitive personal data globally under the EU's "right to be forgotten" requirements, saying the requirement only applies in Europe.
The realms of data privacy and information security have traditionally been separate in most organizations. However, these domains are increasingly fusing, and in today's digital world, you need them to work in unison.
Many companies leave the question of ownership to their legal department, but today's CIOs are...
Sweden's Data Protection Authority has issued its first fine for violations of the European Union's General Data Protection regulation after a school launched a facial recognition pilot program to track students' attendance without proper consent.