Isn’t it time we talk seriously about a nation-wide Privacy Act?

Posted by:

Would you be surprised if someone told you that they felt even less secure online today, compared to five years ago? 

All we hear about are big companies screwing up and losing user data

Nah. Me neither. As reports Mitchell Noordyke from iapp, “state level momentum for comprehensive privacy bills is at an all time high. 

One of the hot topics now is whether the United States, Like the EU, ...

Read More →
0

How to avoid nasty flies in your bug bounty program

Posted by:

Bug bounties are increasing in popularity, but are there any steps to consider to ensure you keep any annoying flies at bay? Let’s take a quick look.  

Late last week, Google told security researchers that they have upped the bug bounty reward, making it significantly more attractive for researchers to invest in bug hunting.

Media reports cite that Google has received more than 8,500 security bug reports since the launch of its Chrome Vulnerability Rewards ...

Read More →
0

Securing IoT can make profitable sense to any company

Posted by:

A survey conducted by Ponemon in 2018 found that 97 percent of security professionals thought that a cyber attack vectoring from an insecure device could be “catastrophic” for the business. They also found that only 15 percent had bothered to do an inventory of the IoT devices, which were indeed connected to their systems. And only half had protocols to disconnect high-risk devices upon detection.

The survey stresses the importance of addressing this vulnerability:

Read More →

0

CCPA vs GDPR – what you need to know

Posted by:

Most of us are aware that California’s new consumer privacy law- CCPA – is set to take effect next January. While that might seem like eons away, it is not.

You might be forgiven for thinking that because you have twisted and strengthened your operation to comply with the EU’s General Data Protection Act, GDPR for short, you surely must be meeting the California privacy requirements.

Sadly – you are wrong. It’s ...

Read More →
0

Should C-level Bonuses Be Tied To Cybersecurity Posture?

Posted by:

The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.

Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.

Read More →

0

2019: What to expect in cybersecurity this year

Posted by:

Another year is upon us. 2018 was a cyber rollercoaster with massive internet scandals and data breaches.  With that in mind there are a number of IT security topics that should be top of mind for 2019.

Take a look at a few we’ve identified…

Security by Design

We expect to see a greater focus on baked-in security, be this in application development, or in IT and company strategies. In 2018, with the enforcement of Europe’s data ...

Read More →
0

Will blockchain transform supply chain management?

Posted by:

Just as no man is an island, no business operates entirely on its own. We all have a supply chain, a support network of businesses providing the products and services we rely on to get our own work done.

This supply chain has always been a major risk point for businesses – we count on our suppliers to get their work done to standard and on time, but also to protect our interests, and in many cases our data and that ...

Read More →
0

Pen Tests and Red Teams are NOT the same

Posted by:

So the other day, I was debating the ins and outs of a cyber strategy to protect a network. At one point, my learned friend scoffed at me, saying I was splitting hairs – that there was essentially no difference between “red teaming” and penetration testing.

I respectfully disagreed, and here’s why:

Actually, let’s first admit that they do have one thing is common. They both are key to a holistic defense strategy, but they should not be conflated.

Let’s define what we ...

Read More →
0

Penetration Tests: Why It Stops Trouble Before It’s Too Late

Posted by:

No matter what kind of company you work in, if it has online assets – like a web store or site, or databases containing sensitive information like business strategies, financials, or customer info – you face a dilemma: how do I stop unauthorized users from entering restricted systems and accessing files, yet ensure seamless accessibility to my users?

There are of course countless approaches to this problem, usually including layers of security, powerful software and enforced policies. Now, even in big ...

Read More →
0

Supply Chain attacks: 80% of senior IT professionals say it’s fastest growing cyberthreat

Posted by:

Earlier this year, we wrote about supply chain risk, warning organizations to be more wary, especially since GDPR has come into full effect. That said, GDPR is by no means the only privacy regulation out there (consider Massachusetts’ CMR 17.00  or California’s 2018 Consumer Privacy Act. No longer can we assume little to no liability when it comes to third party processing or handling of sensitive data.

Read More →

0
Page 1 of 6 12345...»
})
SEC Cybersecurity Exams