Join Enterprise Strategy Group (ESG) and Dtex Systems to get a detailed look at a newly released ESG Research Insights Report, "Insider Threat Program Realities." Based on the survey of 300 security and IT professionals in the US, the report underscores the continued struggle most organizations face when it comes to...
Ireland's Data Protection Commission says it is "assessing" a report concerning minors who have business profiles on Instagram that may expose email addresses and phone numbers. As many as 5 million kids worldwide have business accounts, but often they have no discernible link to a real business.
Authorities in the Netherlands recently levied a $516,000 fine under the General Data Protection Regulation against a hospital in the Hague in connection with a data breach involving "dozens" of staffers who snooped on the electronic medical records of a celebrity.
The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies.
George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.
Website breaches are becoming a daily occurrence. Organizations, entrusted with millions of customer data points, are failing to protect consumers adequately and as a consequence, losing valuable data.
Despite the expectation that companies should be prepared for both accidents and deliberate attacks, there is a...
Customer accounts are an integral tool to help merchants foster customer loyalty. But when login credentials are compromised, they present a unique opportunity for fraudsters to commit CNP fraud and steal customer PII. In 2018 alone, Account Takeover attacks resulted in over $11 billion in losses.
The fallout from...
The data protection gloves have finally come off in Europe after GDPR enforcement began last May - the U.K.'s privacy watchdog has proposed large post-breach sanctions against British Airways and Marriott. Consider the tables now turned on firms that fail to properly safeguard personal data.
Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016. Undiscovered until 2018, the breach exposed 339 million customer records.
Britain's privacy watchdog has proposed a record-breaking $230 million fine against British Airways for violating the EU's General Data Protection Regulation due to "poor security arrangements" that attackers exploited to steal 500,000 individuals' payment card data and other personal details.
Italy's data protection regulator has slapped a $1 million fine on Facebook for mismanaging user data and precipitating the Cambridge Analytica debacle. But that pales by comparison to the the fine that's reportedly still being weighed by the U.S. Federal Trade Commission.
The debate over whether the U.S. government should have the right to force weak crypto on Americans has returned. Here's what hasn't changed since the last time: mathematics and the choice between strong crypto protecting us or weak encryption - aka backdoors - imperiling us all.
The extra-territorial scope of GDPR, and many other regions introducing new data protection and privacy requirements such as The California Consumer Privacy Act (CCPA), means it is essential that privacy decision makers understand the need to have a common approach to dealing with regulations - instead of addressing...
Third-party risk has emerged as one of 2019's top security challenges, and the topic was the focus of a recent roundtable dinner in Charlotte. RSA's Patrick Potter attended that dinner and shares insight on how security leaders are approaching this aspect of digital risk management.