Hunton Privacy

JANUARY 5, 2017

The Breach Memorandum, which is intended for each agency’s Senior Agency Official for Privacy (“SAOP”), updates OMB’s breach notification policies and guidelines in accordance with the Federal Information Security Modernization Act of 2014 (“FISMA”).

Data breaches 53

Data breaches Privacy Encryption Risk 53

Hunton Privacy

DECEMBER 7, 2015

On December 4, 2015, President Obama signed the Fixing America’s Surface Transportation Act (the ‘‘FAST Act’’) into law. The FAST Act, which is aimed at improving the country’s surface transportation infrastructure, contains a provision that modifies the annual privacy notice requirement under the Gramm-Leach-Bliley Act (“GLBA”).

Privacy 45

Privacy Marketing IT Information Security 45

DLA Piper Privacy Matters

JULY 1, 2019

Mr Schrems is an Austrian privacy activist who has concerns about the degree of cooperation between US companies and intelligence agencies, in particular in relation to Facebook’s sharing of EU citizens’ personal data with the National Security Agency.

Privacy 94

Privacy Personal data GDPR Risk 94

Data Matters

JUNE 12, 2018

In recent years, the Federal Trade Commission has increasingly exercised its enforcement authority to target deceptive and unfair information security practices. Until last week, that is. Wyndham Worldwide Corp., 3d 236 (3d Cir.

Cybersecurity 60

Cybersecurity Information Security Security IT 60

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. How then does one start securing it? Welcome to the hacker by original podcast from for all secure, it's about challenging our expectations about the people who hack for a living.

IoT 52

IoT Communications Security IT 52

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. How then does one start securing it? Welcome to the hacker by original podcast from for all secure, it's about challenging our expectations about the people who hack for a living.

IoT 52

IoT Communications Security IT 52

HL Chronicle of Data Protection

MAY 13, 2019

Of particular concern to state-level policymakers and enforcement authorities are business practices that in their view may contribute to security incidents. The insurance industry has not been immune from such scrutiny, and the imposition of business practice requirements intended to enhance cybersecurity sector-wide.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Brandeis Records Manager

MAY 20, 2016

I’ve lived through several such examples. Goals over objectives over actions is a necessary exercise for anyone serious about developing a program-level endeavor. We might substitute “agile” for “tactical” to illustrate with a few examples. Any 2014 strategy didn’t foresee the resignation of our former president in 2015.

Records Management 49

Records Management Digital preservation Blockchain Record destruction 49

Data Matters

SEPTEMBER 29, 2021

The 2015 amendments to Rule 26(b)(1), however, were meant to resolve any doubt, returning the proportionality factors to their original place as part of the very definition of what is discoverable. The principle of proportionality in civil discovery is hardly new.4 5 In keeping with that aim, the scope of discovery has always been cabined.

Privacy 97

Privacy e-Discovery Computer and Electronics e-Delivery 97

Brandeis Records Manager

SEPTEMBER 10, 2015

While vague vendor Web language was nothing new to us, this immersive exercise left us astounded by just how hollow and unclear much of the vendor promotional language is. For example, I recently attended a webinar for a software product that most of us would recognize by name. It’s almost ubiquitous. We live in a digital world.”

Records Management 49

Records Management B2B Compliance Mining 49

IBM Big Data Hub

FEBRUARY 22, 2024

Artificial intelligence (AI) is transforming society, including the very character of national security. AI literacy is a must-have for security It’s important that personnel know how to deploy AI to improve organizational efficiencies. For example, have appropriate and inappropriate uses of the model been clearly communicated?

Artificial Intelligence 99

Artificial Intelligence Metadata Military Government 99

Data Protection Report

SEPTEMBER 25, 2017

These changes will have a significant impact on how companies manage personal data and secure their information systems. On the same day, the Cyber Security Agency (CSA) and the Ministry of Communications and Information (MCI) launched a public consultation to seek views and comments from the industry and members of public on the Cyber Bill.

Cybersecurity 40

Cybersecurity Data breaches Personal data Compliance 40

DLA Piper Privacy Matters

JULY 5, 2021

In 2015, the Belgian DPA initiated proceedings against Facebook Inc., However, to exercise this general competence, a DPA must be competent “with respect to a particular instance of data processing.” The case however originates from the pre-GDPR era. One-stop-shop as the general rule. Other relevant considerations.

GDPR 98

GDPR IT Compliance Marketing 98

Data Protection Report

APRIL 9, 2024

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which imposes new reporting requirements for entities operating in critical infrastructure sectors.

Ransomware 82

Ransomware Agriculture Cybersecurity Government 82

eSecurity Planet

MAY 28, 2021

Last week’s RSA Conference covered a litany of network security vulnerabilities, from developing more robust tokenization policies and to addressing UEFI-based attacks, and non-endpoint attack vectors. Perform purple team exercises to sharpen security posture. Deploy file integrity monitoring and threat hunt regularly.

Cybersecurity 93

Cybersecurity Ransomware Access Encryption 93

CGI

SEPTEMBER 9, 2015

Wed, 09/09/2015 - 21:21. While it is likely impossible to have perfect authentication security, taking care while engineering an authentication scheme can result in lowering risk to an acceptable level. It is also important to balance security concerns with user convenience so users are willing to use a strong system.

Authentication 40

Authentication Encryption Passwords Risk 40

ForAllSecure

SEPTEMBER 14, 2022

So perhaps a better example is Zarata, who we met in EPISODE TWO. It bills itself as the most comprehensive student-run cyber security event in the world, featuring nine individual hacking competitions, including CTFs. So I originally had kind of participated in cyber stakes, way back in 2015. Cyber 600 and that was.

Military 40

Military IT Education Cybersecurity 40

Troy Hunt

JANUARY 16, 2019

I've written before about what's involved in verifying data breaches and it's often a non-trivial exercise. If @1Password was to integrate with my newly released Pwned Passwords k-Anonymity model so you could securely check your exposure against the service (it'd have to be opt in, of course). Oh wow - look at this!

Data breaches 112

Data breaches Passwords Risk Personal data 112

ForAllSecure

JANUARY 27, 2021

Often I would just use a screwdriver and break a toaster, for example, down to its smallest components, and then try and map out its circuitry. Vamosi: Today, John has taken his juvenile curiosity in breaking things down to become a security researcher with Huntress Labs. Mechanical things. Electronic Things. My process was crude.

Computer and Electronics 52

Computer and Electronics Military IT Education 52

ForAllSecure

JANUARY 27, 2021

Often I would just use a screwdriver and break a toaster, for example, down to its smallest components, and then try and map out its circuitry. Vamosi: Today, John has taken his juvenile curiosity in breaking things down to become a security researcher with Huntress Labs. Mechanical things. Electronic Things. My process was crude.

Computer and Electronics 52

Computer and Electronics Military IT Education 52

Data Matters

MAY 31, 2019

Perhaps of most interest has been how the data protection authorities (“ DPAs ”) would exercise their expanded enforcement powers under the GDPR. These data breach notifications and subsequent investigations by DPAs will likely lead to further enforcement actions as compliance and security programs come under scrutiny from the DPAs.

GDPR 68

GDPR Data breaches Privacy Compliance 68

Troy Hunt

APRIL 15, 2019

For example, there was VTech back in 2015 who leaked millions of kids' info after they registered with "smart" tablets. The Gator3 watch turned out to have even more serious security flaws, storing parents and kids’ voice messages on an openly available webserver. but the link to the privacy and security policies was dead.

Passwords 111

Passwords Privacy Manufacturing Access 111

Data Matters

JUNE 25, 2018

For example, in 2013, the Federal Bureau of Investigation (FBI) partnered with Microsoft to disrupt more than 1,400 Citadel botnets. Subsequent joint public-private efforts targeted a botnet known as “ Beebone ” in 2015 and the more recent “ Mirai ” and “ Reaper ” attacks. Botnet Report. in isolation.”. in isolation.”.

Cybersecurity 60

Cybersecurity Government Risk Marketing 60

Troy Hunt

MARCH 3, 2021

Most organisation begin with "we take the security of your data seriously", layer on lawyer speak, talk about credit cards not being exposed and then promise to provide further updates as they come to hand. Gab's approach. This appears to be precisely what the file name suggests - statuses posted to Gab.

Passwords 145

Passwords Data breaches Mining Risk 145