[unable to retrieve full-text content]
When it comes to technology, nothing is static, everything is evolving. Either we keep inventing mechanisms that dig out new security holes, or we are forced to implement existing kludges to cover up the inadequacies in security on which our web applications depend.
As backup and recovery products and solutions evolve, they are beginning to intersect with security and compliance. Online backup and recovery software company Asigra has announced a new version of its software that addresses the risks posed by ransomware and non-compliance with Article 17 of the European Union’s General Data Protection Regulation (GDPR). Both should be a concern for organizations of all sizes, from global enterprises on down to small/medium businesses.
The University of Greenwich was fined $160,000 under the Data Protection Act of 1998 by the Information Commissioner’s Office for leaking the personal data of almost 20,000 staff, alumni and students, writes the BBC.
A new report has revealed that 25% of enterprises have suffered from cloud cryptojacking incidents, a sharp increase from the 8% that was recorded from last quarter. As more enterprises increase their activities in the cloud, this area has become a natural target for malicious attackers. IT security experts commented below.
GDPR will force marketers to relinquish much of their dependence on behavioral data collection. Most critically, it will directly implicate several business practices that are core to current digital ad targeting. What, then, will take the place of behavioral data collection to power ad-targeting? How will digital marketers channel the right marketing messages to the right eyeballs at the right times? For many, the answer will lie in contextual advertising. Its power lies in displaying ads based not on a consumer’s profile, but on the content that he or she is looking at in real time – e.g., a news article, website, news feed, mobile app screen or video game.
What you don’t know can hurt you. This slight twist on a commonly used cliché illustrates the difficulties that many organizations experience when trying to secure sensitive data in the cloud.
Frustrated by the behavior of some men in their workplace, a group of women working at Nike anonymously surveyed other women colleagues a few months ago about their perceptions of sexual harassment and gender discrimination at the company. The results painted a clear picture of a workplace where women often felt marginalized, disrespected, and discriminated against. The survey reached the hands of the company’s CEO. What followed, as covered in the media, indicates the problem is being taken seriously: A few top executives at the firm resigned or are on their way out, and bias training and other remedies are being introduced. Stories like this one about Nike’s toxic workplace culture remind us that speaking up about injustice and being heard in an organization can create positive change. Research helps us understand why it is that people speak up in some situations and not in others.
In mid-2003, the US Defense Advanced Research Projects Agency launched an ambitious program aimed at recording essentially all of a person’s movements and conversations and everything they listened to, watched, read and bought.
In May 2017 the biggest ransomware attack in history broke out. Known as “WannaCry,” the now infamous ransomware spread like wildfire, affecting PCs around the world. One year on, the same malware – which exploits the EternalBlue vulnerability – is still prevalent.
The chances of you opening, clicking or downloading a document sent from a colleague or friend are much higher than acting on an email from someone you don’t know. Cybercriminals know this well, which is why they are sending attacks to the friends and colleagues of compromised account owners.
A secret information-sharing agreement between the Financial Services Information Sharing and Analysis Center (FS-ISAC) and U.S. Cyber Command reveals the blurring line between the country’s public and private sectors as the U.S. government becomes increasingly receptive to launching offensive hacking operations.
The Information Commissioner has slapped a £120,000 fine on the University of Greenwich in the UK after a security cockup by its computing and maths school compromised the data of almost 20,000 individuals.
When Georgia Senate Bill 315 (SB-315) was introduced, people in the tech world anxiously awaited its fate, regardless of their geographic location. They knew that some laws initially restricted to single states become more widespread after politicians set precedents. And they knew that this law could potentially impact the way that they did business forever.
Do you have iron-clad defense systems in place to secure your organization? If your employees aren’t trained to recognize some of the most common social engineering tricks, your system still has a wide-open gap.
It used to be that adaptive authentication (also called risk-based authentication or RBA) forced a trade-off between usability and security, but that is no longer the case. A few years ago, security managers placed security above usability, forcing users to be like Chicago voters: authenticate early and often. Today’s RBA tools can improve overall customer experience and help compliance regulations as well as simplify a patchwork of numerous legacy banking technologies.
Threat intelligence (TI) means many things to many people. At best, TI is the collection and analysis of data that informs security teams about what actions to take to prevent, detect and respond to cyberattacks.
What do Arkansas, Georgia, Kentucky and Texas have in common? Well, depending on whom you ask, they’re all Southern states. But more to the point: They’re the four states up to bat this week in the protracted ballgame that is primary election season. (For reference, we’re barely in the third inning.)
CensorNet has announced its research into the application and internet habits of 1000 UK adults, through personal data and insights platform CitizenMe. The survey found that 46 percent were guilty of at least one of the following bad practices, that could potentially put company data or the work network at great risk: