The current state of privacy laws in the USA 2020: what you need to know

Posted by:

After the introduction of the CCPA in 2018 a whole slew of states got on board the data privacy bandwagon, and it looked like there was real momentum in the direction of increased rights for citizens over their own data.  By the middle of 2019 more than a dozen states had introduced some kind of privacy bill, either from scratch or as an amendment to existing privacy laws.

So how has that turned out?

Well, if you’re an advocate for increased user ...

Read More →
0

How to evidence your way thru compliance

Posted by:

I’m not usually a fan of nouns being used as verbs.  As Calvin said to Hobbes in Bill Watterson’s wonderful comic strip, “Verbing weirds language”.

I mean, who really ‘dialogues’ with colleagues, or  ‘greenlights’ tasks for them to ‘action’? 

But there’s one denominal verb https://en.wikipedia.org/wiki/Denominal_verb (yes of course there’s a word for it) which I find myself using, and that is ‘evidencing’. This is a wonderfully concise way of saying “proving ...

Read More →
0

Why it is high time to consider a CISO on demand

Posted by:

Many years ago I went to the doctor with a weird arm.  If I held my elbow and wrist just-so, it seemed to stop the blood supply going to my fingers.  Nothing too dramatic, but worth getting checked out. I was referred to the local hospital where the specialist remarked that he had never seen anything like it and he was keen to investigate further.

“I should add that you’ve been referred to the wrong department.  This ...

Read More →
0

Isn’t it time we talk seriously about a nation-wide Privacy Act?

Posted by:

Would you be surprised if someone told you that they felt even less secure online today, compared to five years ago? 

All we hear about are big companies screwing up and losing user data

Nah. Me neither. As reports Mitchell Noordyke from iapp, “state level momentum for comprehensive privacy bills is at an all time high. 

One of the hot topics now is whether the United States, Like the EU, ...

Read More →
0

How to avoid nasty flies in your bug bounty program

Posted by:

Bug bounties are increasing in popularity, but are there any steps to consider to ensure you keep any annoying flies at bay? Let’s take a quick look.  

Late last week, Google told security researchers that they have upped the bug bounty reward, making it significantly more attractive for researchers to invest in bug hunting.

Media reports cite that Google has received more than 8,500 security bug reports since the launch of its Chrome Vulnerability Rewards ...

Read More →
0

Take aways from the NASA Raspberry Pi “incident”

Posted by:

 

Some of you might be thinking that it being an IT security guy is not all that tough. All an expert has to do is block the bad stuff and grease the wheels for the good stuff. 

But you’d be wrong. While yes, there are a growing number of tools out there to help IT security officers better manage their networks, the sheer complexity of the machines that basic users have at their fingertips can give a ...

Read More →
0

The ins and outs of single sign on

Posted by:

With many technology and security events, such as Infosecurity Europe 2019, being in full swing, a number of tech goliaths are making some pretty bold statements.

It seems that the tectonic plates making up the technology landscape are indeed shifting, but it is anyone’s speculation to envision the end result…yet.

The biggest one by far this week was Apple announcing its plans to develop an Apple ID as an authenticator for online products and services.

So many of us ...

Read More →
0

The Delicate OpSecs needed to secure Supply Chains

Posted by:

OPSEC is a pretty familiar term in this industry, but reviewing its fundamental meaning and what it implies for us today in our current threat landscape is a useful exercise.

After all, being able to secure our systems and information from prying eyes from the likes of cyber thieves, scammers, ransomers, and so on, is a key priority for most businesses today.

OPSEC is the term the industry uses to talk about operational security. ...

Read More →
0

Securing IoT can make profitable sense to any company

Posted by:

A survey conducted by Ponemon in 2018 found that 97 percent of security professionals thought that a cyber attack vectoring from an insecure device could be “catastrophic” for the business. They also found that only 15 percent had bothered to do an inventory of the IoT devices, which were indeed connected to their systems. And only half had protocols to disconnect high-risk devices upon detection.

The survey stresses the importance of addressing this vulnerability:

Read More →

0

CCPA vs GDPR – what you need to know

Posted by:

Most of us are aware that California’s new consumer privacy law- CCPA – is set to take effect next January. While that might seem like eons away, it is not.

You might be forgiven for thinking that because you have twisted and strengthened your operation to comply with the EU’s General Data Protection Act, GDPR for short, you surely must be meeting the California privacy requirements.

Sadly – you are wrong. It’s ...

Read More →
0
Page 1 of 15 12345...»