Trending Articles

Microsoft Offers Payouts for New Spectre, Meltdown Flaws

Data Breach Today


Who governs the Internet?


ICANN, which oversees domain names on the Internet, keeps track of who owns which website, and until now has made a lot of that information publicly available. In order to comply with new EU privacy rules, ICANN is going to reduce the amount of information available to all but an as-yet-to-be-determined accredited group. “Group to Tighten Web Privacy Rules,” The Wall Street Journal, March 16, 2018 B4.

Health Data Breaches Added to Tally Vary Widely

Data Breach Today

Malware, Mailing Errors and More Reported on the 'Wall of Shame'

Large breaches involving hackers continue to plague the healthcare sector this year, but incidents involving lower-tech issues, including mailing errors, also are persisting

Artificial Intelligence and the Attack/Defense Balance

Schneier on Security

Artificial intelligence technologies have the potential to upend the longstanding advantage that attack has over defense on the Internet.

More Trending

It was nice being #2


“Nike No. 2 Executive Quits Amid Complaints,” The Wall Street Journal, March 16, 2018 B1. “Nike brand president and a potential successor to [CEO] leaves position after complaints about ‘inappropriate workplace behavior.’” Why am I harping on the numerous resignations and dismissals over allegations of sexual harassment and similar? Isn’t this blog supposed to be about information governance?


Israeli Security Attacks AMD by Publishing Zero-Day Exploits

Schneier on Security

Last week, the Israeli security company CTS Labs published a series of exploits against AMD chips. The publication came with the flashy website, detailed whitepaper, cool vulnerability names -- RYZENFALL, MASTERKEY, FALLOUT, and CHIMERA -- and logos we've come to expect from these sorts of things.

How charities can reduce the risk of cyber attacks

IT Governance

Charities might have fewer resources than the average for-profit organisation, but they still have an obligation to keep information secure. Anyone who signs up for a charity hands over their personal details, including their name, address and usually their payment card details.


Hacker Adrian Lamo Has Died at 37

WIRED Threat Level

The Colombian-American hacker became famous in the early 2000s for breaking into the systems at organizations like *The New York Times*, and later for his role in Chelsea Manning's arrest.

State Department Spends $0 of Anti-Propaganda Allocation

Data Breach Today

Congress Has Allocated $120 Million Since 2016 to Combat Foreign Campaigns

To the surprise of many, $120 million allocated by Congress since late 2016 to help the State Department combat foreign governments' U.S.-focused propaganda and disinformation campaigns hasn't been spent.



What does blockchain have to do with information governance? It’s early days yet, but think about what happens with information. It gets created, modified, transferred, stored, used, reused, exchanged, and, hopefully, deleted at the end of its life. Would it be useful to be able to track who owns the information and where it is at each step of its life? Is a piece of information that much different than a cargo container being tracked from origin to destination? Just saying.

The 600+ Companies PayPal Shares Your Data With

Schneier on Security

One of the effects of GDPR -- the new EU General Data Protection Regulation -- is that we're all going to be learning a lot more about who collects our data and what they do with it. Consider PayPal, that just released a list of over 600 companies they share customer data with.


5 ways to improve your information security

IT Governance

Organisations are always looking for ways to improve their security posture, but the process is often frustrating. As soon as they secure one weakness, cyber criminals find another one.

A Florida Bill Would Make Criminal Justice Data More Transparent Than Ever

WIRED Threat Level

A newly passed bill in the Florida Legislature would bring unprecedented levels of transparency to the criminal justice system.


Trump Blocks Broadcom's Qualcomm Buy on Security Grounds

Data Breach Today

Administration Cites National Security, R&D Concerns

President Donald Trump has blocked a bid by Singapore's Broadcom to acquire U.S. chipmaker Qualcomm on the grounds that it could impact national security, including the United States' ability to help shape future mobile telephony standards

Knowledge is dangerous


“In a First, U.S. Firms Reveal Workers’ Pay Gap With CEO,” The Wall Street Journal, March 12, 2018 A1. US law requires disclosure of comparison of CEO’s pay to that of the median worker in the CEO’s company. Noodle on this for a minute. Who “owns” the information as to what you earn? Do you? If so, you could, if you wanted to, publish that information or post it on your door. Does your employer encourage you not to do that?


E-Mailing Private HTTPS Keys

Schneier on Security

I don't know what to make of this story: The email was sent on Tuesday by the CEO of Trustico, a UK-based reseller of TLS certificates issued by the browser-trusted certificate authorities Comodo and, until recently, Symantec.

5 ways to detect a phishing email

IT Governance

Phishing has been used as a way for criminal hackers to gain sensitive information since the mid-1990s. It uses deceptive emails and websites to trick victims into clicking malicious links, downloading attachments or sending sensitive information.

Is All Encryption Equal?

Thales Data Security

Data encryption has been around almost since the age of computers. In truth, anyone with minimal experience can write a simple script that uses default services built into virtually every OS to encrypt data.

Routine teaching case


“Insider Trade Alleged After Equifax Breach,” The Wall Street Journal, March 15, 2018 B1. The CIO of an Equifax unit indicted for insider trading after learning of the Equifax hack, but before that information was disclosed. Sold nearly $1 million in stock 10 days before the disclosure. This reminds me of the lawyer who approved the sale by some Equifax execs of some stock after the breach but before disclosure. See post here.


Two New Papers on the Encryption Debate

Schneier on Security

Seems like everyone is writing about encryption and backdoors this season. "Policy Approaches to the Encryption Debate," R Street Policy Study #133, by Charles Duan, Arthur Rizer, Zach Graves and Mike Godwin. "Encryption Policy in Democratic Regimes," East West Institute.

Where to start with GDPR compliance

IT Governance

The first few steps of your EU General Data Protection Regulation (GDPR) compliance project can be the most confusing.

Trump Campaign Data Consultants Cambridge Analytica Took 50 Million Facebook Users' Data

WIRED Threat Level

New reports indicate that Cambridge Analytica, the data team affiliated with Trump's 2016 presidential campaign, harvested data from 50 million Facebook users—and Facebook failed to stop them.


Facebook Attempts to Explain Data Leak, Denies 'Breach'

Data Breach Today

Political Data-Mining Firm Reportedly Obtained 50 Million Users' Private Details

Facebook is under fire after reports suggested data-mining firm Cambridge Analytica obtained private information for 50 million Facebook users.


Cambridge Analytica and Facebook accused of misleading MPs over data breach

The Guardian Data Protection

Interesting Article on Marcus Hutchins

Schneier on Security

This is a good article on the complicated story of hacker Marcus Hutchins.

The practical steps for conducting a data flow audit

IT Governance

A data flow is a transfer of information from one location to another. To keep track of this information, organisations should consider data flow mapping. The process will help an organisation identify key gaps and the necessary steps to establish what data it has and where it flows to.

Youtube, Facebook, and Google Can't Expect Wikipedia to Cure the Internet

WIRED Threat Level

YouTube and other tech giants have repeatedly turned to Wikipedia to help solve some of their biggest problems—often without giving back.

US Power Company Fined $2.7 Million Over Data Exposure

Data Breach Today

Grid Regulator Says Company Left Critical Data Exposed for 70 Days

A U.S. power company, unnamed by regulators, has been fined a record $2.7

Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach

The Guardian Data Protection

AI myths and misconceptions

OpenText Information Management

In this blog we welcome guest blogger Mariano Kristensen, Software Sales Executive at SAP Centre of Excellence, EMEA North. Mariano will be one of our experts at the upcoming OpenText™ Innovation Tour Stockholm on 20 April at The Grand Hotel.

Five reasons why law firms should adopt ISO 27001

IT Governance

Robust information security practices are critical to the legal sector – yet there is a notable gap between the risks that firms face and their ability to mitigate them.