Information Management Today

The iPhone 11 Pro’s Location Data Puzzler

Krebs on Security

DECEMBER 4, 2019

One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this data. A review of Apple’s support forum indicates other users are experiencing the same issue.

Privacy

Privacy Encryption IT Security

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

The Last Watchdog

NOVEMBER 8, 2021

However, healthcare data ranks at the top of the list for needing improvements in security and privacy protections. One significant factor is the merger and acquisition renaissancethat the healthcare industry is undergoing, which according to a new report from Moody’s Investors Service is expected to continue. Patient data exposures.

Access

Access Privacy Security IoT

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

The Last Watchdog

SEPTEMBER 26, 2023

Privacy: VPNs should keep as little data as they deem necessary to provide the service and only produce data to law enforcement when legally required. Privacy: VPNs should keep as little data as they deem necessary to provide the service and only produce data to law enforcement when legally required.

Privacy

Privacy Risk Encryption Authentication

ICANN Launches Service to Help With WHOIS Lookups

Krebs on Security

DECEMBER 6, 2023

ICANN made the policy change in response to the General Data Protection Regulation (GDPR), a law enacted by the European Parliament that requires companies to gain affirmative consent for any personal information they collect on people within the European Union. This video from ICANN walks through how the system works.

Phishing

Phishing GDPR Personal data Communications

Maintaining GDPR and Data Privacy Compliance in 2024

IT Governance

FEBRUARY 16, 2024

He’s also an award-winning author, and has been involved in developing a wide range of information security and data privacy training courses, has consulted for clients across the globe, and is a regular media commentator and speaker. We sat down to chat to him about industry challenges in 2024.

Data Privacy

Data Privacy GDPR Compliance Privacy

The UK ICO and Ofcom to Work Together on Online Safety and Data Protection

Hunton Privacy

NOVEMBER 28, 2022

The regulators noted that the statement is primarily intended for online service providers that are likely to be regulated under the online safety regime, but it also will be of interest to other stakeholders as an indication of their joint direction.

Compliance

Compliance Privacy Communications IT

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

It marks the Biden Administration’s most comprehensive action on artificial intelligence policy, building upon the Administration’s Blueprint for an AI Bill of Rights (issued in October 2022) and its announcement (in July 2023) of securing voluntary commitments from 15 leading AI companies to manage AI risks. Supporting Workers.

Risk

Risk Artificial Intelligence Privacy Military

Apple Explains Mysterious iPhone 11 Location Requests

Krebs on Security

DECEMBER 5, 2019

KrebsOnSecurity ran a story this week that puzzled over Apple ‘s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications and system services are individually set never to request this data.

Privacy

Privacy Compliance Communications IT

Turn on MFA Before Crooks Do It For You

Krebs on Security

JUNE 19, 2020

As a career chief privacy officer for different organizations, Dennis Dayman has tried to instill in his twin boys the importance of securing their online identities against account takeovers. “They said their policy was not to turn over accounts to someone who couldn’t provide the second factor,” he said. .

IT

IT Authentication Passwords Access

IBM Cloud delivers enterprise sovereign cloud capabilities

IBM Big Data Hub

FEBRUARY 22, 2024

We strongly believe the influx of data associated with AI will fuel tremendous business innovations, but requires strategic considerations, including around where data resides, data privacy, resilience, operational controls, regulatory requirements and compliance, and certifications.

Cloud

Cloud Computer and Electronics Compliance Financial Services

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services

Financial Services Cloud Cybersecurity Encryption

Six eDiscovery Trends for 2024

eDiscovery Daily

JANUARY 10, 2024

Artificial intelligence may be a technological boost in support of access to justice and assisting legal aid providers looking for increased efficiency at low cost. Data Privacy Restrictions Will Increase With the growing awareness and importance of data privacy, governments and corporations will encounter more stringent regulations globally.

Blockchain

Blockchain Artificial Intelligence Cloud Compliance

What Is a Firewall Policy? Steps, Examples & Free Template

eSecurity Planet

JANUARY 5, 2024

A firewall policy is a set of rules and standards designed to control network traffic between an organization’s internal network and the internet. Featured Partners: Next-Gen Firewall (NGFW) Software Learn more Table of Contents Toggle Free Firewall Policy Template What Are the Components of Firewall Policies?

Compliance

Compliance Access Communications Cybersecurity

Why Cyber Insurance is Essential in 2022

IT Governance

MAY 24, 2022

Policies provide organisations with the means to implement incident response measures, such as forensic investigation, legal assistance and public relations support. The UK government’s Cyber Security Breaches Survey 2022 found that only 43% of businesses have a cyber insurance policy. The benefits of cyber insurance.

Insurance

Insurance Data breaches GDPR Ransomware

SEC Advances Three New Cybersecurity Rule Proposals

Hunton Privacy

MARCH 23, 2023

Regulation S-P imposes privacy, data security, and data disposal rules on broker-dealers, investment advisers, and investment companies subject to the SEC’s authority under the Gramm-Leach-Bliley Act. The SEC also proposed Rule 10 , which would require certain entities that perform critical services to support the U.S.

Cybersecurity

Cybersecurity Marketing Compliance Risk

What are the benefits of cyber security as a service?

IT Governance

DECEMBER 14, 2021

With organisations’ cyber security requirements becoming more complex and the threat of cyber attacks growing each year, many decision-makers are turning towards cyber security as a service. In this blog, we look at three other ways that cyber security as a service can benefit your organisation, and help you understand how the process works.

Security

Security Insurance Data breaches Information Security

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

The Last Watchdog

JANUARY 27, 2022

Related: Stolen data used to target mobile services. Many attribute this steady growth to the increase in work-from-home models and adoption of cloud services since the beginning of the COVID-19 pandemic. Fast-paced deals and lack of support from the acquired organization can also exacerbate these risks. Post-Close Risks.

Privacy

Privacy Security Risk Marketing

NIST releases version 1.0 of the Privacy Framework

Security Affairs

JANUARY 20, 2020

of Privacy Framework, it is a tool designed to help organizations to manage privacy risks. of its privacy framework. The Framework is a voluntary tool that can be used by organizations to manage risks in compliance with privacy legislation, including the European GDPR. The NIST released version 1.0

Privacy

Privacy Risk Compliance Communications

CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input

Hunton Privacy

FEBRUARY 7, 2023

On January 26, 2023, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth responded to a call for input from the UK’s Digital Regulation Cooperation Forum (DRCF) on its workplan for 2023 – 2024.

Data Privacy

Data Privacy Blockchain Compliance Privacy

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

JUNE 15, 2023

A Guide to Key Management as a Service madhav Thu, 06/15/2023 - 11:29 As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. What is Key Management as a Service?

Encryption

Encryption Compliance Cloud Authentication

CIPL Publishes Key Takeaways from Age Assurance and Age Verification Tools Roundtable

Hunton Privacy

MARCH 20, 2023

On February 16, 2023, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP held a virtual roundtable to discuss the role of age assurance and age verification tools as part of its Children’s Data Privacy Project. Children may falsify their age in order to access online services.

Risk

Risk Data Privacy Privacy Compliance

First CCPA Enforcement Action Settlement Announced by California AG

Hunton Privacy

AUGUST 25, 2022

On August 24, 2022, California Attorney General Rob Bonta announced the Office of the Attorney General’s (“OAG’s”) first settlement of a California Consumer Privacy Act (“CCPA”) enforcement action, against Sephora, Inc. It also indicates that the OAG is serious about enforcing businesses’ compliance with the Global Privacy Control.

Sales

Sales Analytics Privacy Retail

Navigating the Future: Strategic Insights on Identity Verification and Digital Banking in 2024

Thales Cloud Protection & Licensing

JANUARY 3, 2024

Keeping abreast of technological advancements and consumer expectations is vital, ensuring that digital banking services remain competitive and secure. These entities will revolutionize the ID market with enhanced privacy protection, personalized services, and nuanced resource access.

Encryption

Encryption Data Privacy Privacy B2B

Why every librarian needs to be involved in shaping your AI Policy

CILIP

FEBRUARY 1, 2024

The answer - according to the BBC and the UK Information Commissioner’s Office (ICO) at least – is that we need to use this brief hiatus in disruptive announcements to develop and share effective policies for the use of AI by staff. This idea of ‘explainability’ is central to the ICO approach – and to the legal requirements on organisations.

Artificial Intelligence

Artificial Intelligence Libraries GDPR Risk

Mastering identity security: A primer on FICAM best practices

IBM Big Data Hub

FEBRUARY 5, 2024

Identity management is the orchestration of policies enabling organizations to establish, sustain, and delete user identities, crucial for verifying identities, managing user accounts, and maintaining accurate account records. A singular policy enforcement and decision point is advised for consistency and standardization of access decisions.

Security

Security Authentication Compliance Access

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

The Last Watchdog

JANUARY 17, 2022

This reporting often requires a host of metrics that define success, like Annual Recurring Revenue and sales for software as a service (SaaS) companies. If targets such as defect density or compliance to scanner policy (i.e. A key CEO responsibility is reporting results that deliver on a company’s mission to shareholders.

Sales

Sales Compliance B2B Risk

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

The Last Watchdog

MARCH 8, 2021

Like a couple of WWE arch rivals, Apple’s Tim Cook and Facebook’s Mark Zuckerberg have squared off against each other in a donnybrook over consumer privacy. Cook initially body slammed Zuckerberg — when Apple issued new privacy policies aimed at giving U.S. Related: Raising kids who care about their privacy.

Privacy

Privacy Personal data Manufacturing Data Privacy

Out With the Old, In with the New: Five Members Join the California Privacy Protection Agency Board and California Attorney General Xavier Becerra Moves to HHS

DLA Piper Privacy Matters

MARCH 19, 2021

The California Privacy Rights Act 2020 Initiative (“CPRA”) both amends the California Consumer Privacy Act (“CCPA”) and establishes the first administrative privacy agency in the US, the California Privacy Protection Agency (“CPPA”). The Board appointees are: Chair Jennifer M.

Privacy

Privacy Personal data Paper Cybersecurity

Get frictionless insight to the data that matters

Collibra

MARCH 1, 2023

It’s no wonder nearly all enterprises use cloud services. This latest release includes new integrations, Collibra Protect support for BigQuery, and new Data Quality & Observability features that enable deeper visibility for better insight into the data that matters most. More productivity. More efficiency. Scalability.

Cloud

Cloud Metadata Access Analytics

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security. To mitigate these risks, users must promptly apply vendor-provided software patches and updates, as well as exercise vigilance when using online services and apps.

Libraries

Libraries Risk Cybersecurity Honeypots

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

An Experian support person Turner reached via phone after a lengthy hold time asked for his Social Security Number (SSN) and date of birth, as well as his account PIN and answers to his secret questions. . ” To be clear, Experian does have a business unit that sells one-time password services to businesses.

Passwords

Passwords Authentication Security Privacy

Don’t pause AI development, prioritize ethics instead

IBM Big Data Hub

MAY 2, 2023

A turning point for AI When ethically designed and responsibly brought to market, generative AI capabilities support unprecedented opportunities to benefit business and society. They can help create better customer service and improve healthcare systems and legal services. AI is an ever-evolving technology.

Privacy

Privacy Government Risk Marketing

NEW TECH: DigiCert unveils ‘Trust Lifecyle Manager’ to centralize control of digital certificates

The Last Watchdog

JANUARY 17, 2023

As a leader of digital trust, DigiCert is best known as a Certificate Authority (CA) and a supplier of services to manage PKI. DigiCert’s new solution is designed to “unify PKI services, public trust issuance and CA-agnostic certificate lifecycle management,” he told me. First, however, PKI sprawl must be mitigated, Trzupek argues.

Authentication

Authentication Cloud Encryption Manufacturing

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

The 911 service as it exists today. For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States.

Computer and Electronics

Computer and Electronics Sales Marketing Access

Market Leading Cybersecurity and National Security Lawyers David Lashway and John Woods Join Sidley in Washington, D.C.

Data Matters

MAY 4, 2022

Sidley announced today that David Lashway and John Woods have joined as partners in the firm’s Privacy and Cybersecurity practice in Washington, D.C. Adding significant bench strength to our Chambers-ranked Privacy and Cybersecurity practice is a win for Sidley and our clients,” said Yvette Ostolaza, Sidley’s Management Committee Chair.

Cybersecurity

Cybersecurity Marketing Security Privacy

How to write an ISO 27001 remote access policy

IT Governance

NOVEMBER 30, 2021

ISO 27002, the code of practice for ISO 27001, contains guidance on creating a remote access policy, which ensures that the risks associated with home working are identified and addressed. Why you need a remote access policy. What should be included in a remote access policy.

Access

Access Risk Passwords Cloud

New Research Shows Why and How Zoom Could Become an Advertising Driven Business

John Battelle's Searchblog

APRIL 19, 2020

Zoom’s high growth rate and “software as a service” business model guaranteed fantastic future profits, and investors rewarded the company by driving its stock up even further. As the virus forced the world inside, demand for Zoom’s services skyrocketed, and the company became a household name nearly overnight.

Privacy

Privacy Data collection Marketing Communications

Google to Prevent App Developers from Using Advertising ID for Any Purpose Following User Opt-Out

Hunton Privacy

JUNE 3, 2021

On June 3, 2021, Google informed app developers that beginning in late 2021, when Android 12 OS users opt out of personalized ads, the advertising ID provided by Google Play services (the Google Ad ID, or “GAID”) will not be made available to app developers for any purpose.

Analytics

Analytics Privacy Data Privacy Security

C-11 – The act to enact the Consumer Privacy Protection Act: Five top measures to get ready

Privacy and Cybersecurity Law

DECEMBER 10, 2020

Chantal Bernier, National Practice Leader, Privacy and Cybersecurity, Dentons Canada LLP Former Interim Privacy Commissioner of Canada. It will apply to all businesses across Canada, except to provincial businesses in Alberta, British Columbia and Québec where provincial privacy laws apply to the private sector. .

Privacy

Privacy Compliance Artificial Intelligence Risk

Black Hat insights: Generative AI begins seeping into the security platforms that will carry us forward

The Last Watchdog

AUGUST 13, 2023

The popular service, ChatGPT , is based on OpenAI ’s LLM, which taps into everything available across the Internet through 2021, plus anything a user cares to feed into it. I came away with a much better understanding of the disruption/transformation that is gaining momentum, with respect to privacy and cybersecurity.

Security

Security Cloud Artificial Intelligence Cybersecurity

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

The investor expressed interest in financially supporting Doug’s startup, and asked if Doug could find time for a video call to discuss investment prospects. Doug clicked the new link, but instead of opening up a videoconference app, a message appeared on his Mac saying the video service was experiencing technical difficulties.

Phishing

Phishing Blockchain Military Passwords

Artificial intelligence and a new era of human resources

IBM Big Data Hub

OCTOBER 9, 2023

Artificial intelligence (AI) can help usher in a new era of human resource management, where data analytics, machine learning and automation can work together to save people time and support higher-quality outcomes. AI-powered HR chatbots can help empower employees with fast answers and self-service support.

Artificial Intelligence

Artificial Intelligence Privacy Records Management Analytics

An Agency Is Born: California Appoints Board of Its New California Privacy Protection Agency

Data Matters

MARCH 19, 2021

On March 17, 2021, California officials announced the appointment of five board members of the California Privacy Protection Agency ( the “CPPA”), the first data protection agency in the United States. Board appointees were drawn from academia, government, and public service: Jennifer M.

Privacy

Privacy IT Education Government

The iPhone 11 Pro’s Location Data Puzzler

GUEST ESSAY: Securely managing access controls is vital to preserving the privacy of healthcare data

Webinars

Trending Sources

Data privacy examples

Webinars

News Alert: i2Coalition launches ‘VPN Trust Initiative’ to promote VPN operators’ best practices

ICANN Launches Service to Help With WHOIS Lookups

Maintaining GDPR and Data Privacy Compliance in 2024

The UK ICO and Ofcom to Work Together on Online Safety and Data Protection

Biden AI Order Enables Agencies to Address Key Risks

Apple Explains Mysterious iPhone 11 Location Requests

Turn on MFA Before Crooks Do It For You

IBM Cloud delivers enterprise sovereign cloud capabilities

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Six eDiscovery Trends for 2024

What Is a Firewall Policy? Steps, Examples & Free Template

Why Cyber Insurance is Essential in 2022

SEC Advances Three New Cybersecurity Rule Proposals

What are the benefits of cyber security as a service?

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

NIST releases version 1.0 of the Privacy Framework

CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input

A Guide to Key Management as a Service

CIPL Publishes Key Takeaways from Age Assurance and Age Verification Tools Roundtable

First CCPA Enforcement Action Settlement Announced by California AG

Navigating the Future: Strategic Insights on Identity Verification and Digital Banking in 2024

Why every librarian needs to be involved in shaping your AI Policy

Mastering identity security: A primer on FICAM best practices

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

MY TAKE: Apple users show strong support for Tim Cook’s privacy war against Mark Zuckerberger

Out With the Old, In with the New: Five Members Join the California Privacy Protection Agency Board and California Attorney General Xavier Becerra Moves to HHS

Get frictionless insight to the data that matters

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

Experian, You Have Some Explaining to Do

Don’t pause AI development, prioritize ethics instead

NEW TECH: DigiCert unveils ‘Trust Lifecyle Manager’ to centralize control of digital certificates

A Deep Dive Into the Residential Proxy Service ‘911’

Market Leading Cybersecurity and National Security Lawyers David Lashway and John Woods Join Sidley in Washington, D.C.

How to write an ISO 27001 remote access policy

New Research Shows Why and How Zoom Could Become an Advertising Driven Business

Google to Prevent App Developers from Using Advertising ID for Any Purpose Following User Opt-Out

C-11 – The act to enact the Consumer Privacy Protection Act: Five top measures to get ready

Black Hat insights: Generative AI begins seeping into the security platforms that will carry us forward

Calendar Meeting Links Used to Spread Mac Malware

Artificial intelligence and a new era of human resources

An Agency Is Born: California Appoints Board of Its New California Privacy Protection Agency

Stay Connected