CCPA is now in effect. What you need to do about it

The California Consumer Privacy Act, or CCPA, seemed to take an age between being signed into law in 2018 and coming into effect in January of this year. Even after this long lead-up time, businesses were given an additional six months of grace. Those six months have just come to an end on 1st July.

So now that CCPA has properly come into effect, what’s your business doing about it?

You ...


TBG Data Breaches Part 2: It’s not (necessarily) your fault

Last time I discussed the ‘Did they really do that?!’ kind of data breach, the one where you can’t quite see how an organization could manage to have that much data exposed that openly for that long. We all laugh, but as the news clearly demonstrates, it could happen to any company of any size with seemingly any budget.

Malicious actors, however, aren’t just sitting around waiting for the latest instance of an accidental data splurge. They’re ...


Lockdown Chaos and Compliance: Better and Faster with CISO On Demand

Anyone who is going for or has already achieved some kind of certification will know that getting there is difficult, time- and resource-consuming, and requires buy-in and input at all levels, especially from those at the top.

It might be a legal requirement for your industry such as HIPAA or PCI/DSS. Or you might be doing it to provide assurances to current and prospective clients, like ...


Virgin Media and Not-Quite-Best-Practice Incident Reporting

Virgin Media, a UK telephone, cable TV and internet services provider, released a statement two weeks ago admitting that they had exposed certain personal data of up to 900,000 people.

The short story is that they admitted it, they apologized, they informed both the affected people and the relevant authorities, and they set up a help and advice page for customers.

Great stuff, except…

While ...


(Internet of) Things Change, and Not Always for the Better

I was chatting with one of my IT Admin friends the other day. Let’s call him Gary to spare him blushes. He has been working in offices for years, and I asked him what little things annoy him these days. Not the Big Stuff like ransomware and corporate spying, I just wanted to know about the day-to-day frustrations.

He said:

 “When I started out as ‘The IT Guy’ in the office, people would come and ask ...


How to evidence your way thru compliance

I’m not usually a fan of nouns being used as verbs. As Calvin said to Hobbes in Bill Watterson’s wonderful comic strip, “Verbing weirds language”.

I mean, who really ‘dialogues’ with colleagues, or ‘greenlights’ tasks for them to ‘action’?

But there’s one denominal verb https://en.wikipedia.org/wiki/Denominal_verb (yes of course there’s a word for it) which I find myself using, and that is ‘evidencing’. This is a wonderfully concise way of saying “proving ...


Isn’t it time we talk seriously about a nation-wide Privacy Act?

Would you be surprised if someone told you that they felt even less secure online today, compared to five years ago? 

All we hear about are big companies screwing up and losing user data

Nah. Me neither. As Mitchell Noordyke from iapp reports, “state level momentum for comprehensive privacy bills is at an all time high.”

One of the hot topics now is whether the United States, like the EU, ...


How to avoid nasty flies in your bug bounty program

Bug bounties are increasing in popularity, but are there any steps to consider to ensure you keep any annoying flies at bay? Let’s take a quick look.  

Late last week, Google told security researchers that they have upped the bug bounty reward, making it significantly more attractive for researchers to invest in bug hunting.

Media reports cite that Google has received more than 8,500 security bug reports since the launch of its Chrome Vulnerability Rewards ...


Securing IoT can make profitable sense to any company

A survey conducted by Ponemon in 2018 found that 97 percent of security professionals thought that a cyber attack originating from an insecure device could be “catastrophic” for the business. They also found that only 15 percent had bothered to do an inventory of the IoT devices that were actually connected to their systems. And only half had protocols to disconnect high-risk devices upon detection.

The survey stresses the importance of addressing this vulnerability:


CCPA vs GDPR – what you need to know

Most of us are aware that California’s new consumer privacy law – CCPA – is set to take effect next January. While that might seem like eons away, it is not.

You might be forgiven for thinking that because you have twisted and strengthened your operation to comply with the EU’s General Data Protection Act, GDPR for short, you surely must be meeting the California privacy requirements.

Sadly – you are wrong. It’s ...
