Information Management Today

Information Governance: It’s What you Retain that Matters

AIIM

APRIL 11, 2024

It’s funny how corporate leaders get serious about information governance right after their company has been hit with a lawsuit or regulatory action. But that’s usually when many executives decide it's time to implement information governance and in particular, document retention. OK, it’s not funny at all.

Information governance

Information governance Government IT

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Schneier on Security

APRIL 9, 2024

It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. From the executive summary: The Board finds that this intrusion was preventable and should never have occurred.

Government

Government Cloud Access Security

GUEST ESSAY: NIST’s Cybersecurity Framework update extends best practices to supply chain, AI

The Last Watchdog

MARCH 25, 2024

Here are the core components the security community knows: Govern (GV): Sets forth the strategic path and guidelines for managing cybersecurity risks, ensuring harmony with business goals and adherence to legal requirements and standards. Noteworthy updates The new 2.0 by diverse organizations.

Cybersecurity

Cybersecurity Artificial Intelligence Risk Government

Uber Data Breach Results in Corporate Cooperation and Executive Conviction

Data Matters

OCTOBER 13, 2022

Sullivan, a former federal prosecutor, appears to be the first corporate executive criminally prosecuted—let alone convicted—for his response to a data security incident perpetrated by criminals. During this testimony, Sullivan made specific representations about steps he claimed Uber had taken to keep customer data secure.

Data breaches

Data breaches Government Privacy Cybersecurity

OpenAI Is Not Training on Your Dropbox Documents—Today

Schneier on Security

DECEMBER 19, 2023

We don’t trust tech corporations. And—to be fair—corporations in general. Companies lying about what they do with your privacy is a very serious allegation. A key role of government is to prevent this from happening. The corporations that have our data want the money. It seems not to be true.

Privacy

Privacy GDPR Risk Government

4th Annual Legal Industry Collaboration Data Survey

Hanzo Learning Center

AUGUST 29, 2023

Our focus is to gain knowledge about any challenges that corporate legal teams encounter in relation to these new data types and their relationship with ediscovery and information governance. The adoption of collaboration tools such as Slack and Microsoft Teams in enterprises has experienced remarkable growth in recent years.

Information governance

Information governance Communications Government Access

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S.

Government

Government Communications Access Security

GUEST ESSAY: Restore Us Institute (RUI) aims to protect Americans from online harms and crimes

The Last Watchdog

OCTOBER 3, 2022

Government policymakers decided in the 1990s to promote inherently insecure, nascent Internet technology to be the world’s primary global information infrastructure for all the world’s communications, content, and commerce. Government policymakers decided in the 1990s to de facto nationally abdicate governing online.

Government

Government Authentication Communications Privacy

LinkedIn Adds Verified Emails, Profile Creation Dates

Krebs on Security

NOVEMBER 4, 2022

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. “These warnings will also give you the choice to report the content without letting the sender know.” A follow-up story on Oct.

Artificial Intelligence

Artificial Intelligence Information Security Cybersecurity Risk

Wanted: Disgruntled Employees to Deploy Ransomware

Krebs on Security

AUGUST 19, 2021

Reached via LinkedIn, Sociogram founder Oluwaseun Medayedupin asked to have his startup’s name removed from the story, although he did not respond to questions about whether there were an inaccuracies in Hassold’s report. – Government entities. Image: Abnormal Security. “I beg you as a promising young man.”

Ransomware

Ransomware Access Phishing Encryption

DOJ Publishes New Corporate Compliance Guidance Related to Communications Platforms and Messaging Applications

Hunton Privacy

MARCH 20, 2023

Department of Justice (“DOJ”) released an update to its Evaluation of Corporate Compliance Programs guidance (“ECCP Guidance”). The ECCP Guidance serves as a guidance document for prosecutors when evaluating a corporate compliance program. Read more about the ECCP Guidance.

Communications

Communications Compliance Risk Government

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

The Last Watchdog

JANUARY 11, 2022

This push is coming from the corporate sector. Last August, NTT , the Tokyo-based technology giant, unveiled its Health and Wellbeing initiative – an ambitious effort to guide corporate, political and community leaders onto a more enlightened path. Fixing data governance. That’s a sizable fish to fry.

Big data

Big data Analytics Personal data Government

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. The company did not share details about the attack or its scope, but a few weeks later the Akira ransomware group claimed to have stolen 100 GB of information from the company.

Data breaches

Data breaches Financial Services Ransomware Government

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

The Last Watchdog

JANUARY 23, 2024

This year’s Data Privacy Week will center around one core theme – Take Control of Your Data: Online presence generates a significant amount of data collected by websites, apps, and companies globally, including details about interests, purchases, and behaviors. Give Data Brokers the Slip! Protect Our Kids’ Privacy!

Data Privacy

Data Privacy Privacy Education Cybersecurity

Protecting or Posturing: What's Acceptable in New Data Privacy Practices

AIIM

APRIL 13, 2021

Prompted by new concerns about digital privacy and ethics, The State of Virginia recently became the second state, behind California, to adopt a comprehensive consumer data privacy law. and Jasen Hutchinson, Manager, Corporate Records Compliance, JEA.

Data Privacy

Data Privacy Privacy Artificial Intelligence Personal data

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

MAY 30, 2022

Fundamentally, cybersecurity professionals identify weaknesses and design systems and processes to protect any organization — government agencies, private companies — from cyberattacks. Many government and non-profit organizations like VetJobs and VetsinTech are doing just this. Plus — they tend to pay well too.

Cybersecurity

Cybersecurity Military Education Government

GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation

The Last Watchdog

MARCH 20, 2023

The success of digital exploitation can be attributed to several factors, including difficulty in keeping up with the latest security measures, increased reliance on technology and the internet, and a general lack of awareness and education about the dangers of the internet.

Cybersecurity

Cybersecurity Education Insurance Data breaches

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. 0ktapus used newly-registered domains that often included the name of the targeted company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule.

Passwords

Passwords Phishing Access Encryption

TikTok Banned on UK Government Devices

IT Governance

MARCH 16, 2023

The UK government has announced plans to ban ministers and civil servants from using TikTok on work devices. The problems stem from TikTok’s ties to the Chinese government and the ways that people’s personal data could be used for nefarious purposes. A quarter of its users are under 20 years old, and half are under 30.

Government

Government Data Privacy Privacy GDPR

Anonymous continues to support Ukraine against the Russia

Security Affairs

MARCH 17, 2022

The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. Let’s summarize the most interesting attacks observed in the last few days.

Military

Military Communications Government Access

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

The Last Watchdog

JUNE 20, 2022

The Deep & Dark Web is a mystery to most in the mainstream today: many have heard about it, but few understand just a fraction of what’s going on there. Once vetted and accepted, threat hunters will go into these message boards and communities and search for anything connected to your business, for example: •Corporate login credentials.

Ransomware

Ransomware Access Marketing Data collection

Rethinking Acceptable Use Polices

AIIM

MAY 11, 2021

A staple of many Information Technology (IT) policy suites is the Acceptable Use Policy (AUP), intended to govern what people working in the organization can and cannot do with the technology we provide them. disclosing any sensitive corporate information. destroying corporate information without authorization. Those are silos.

Computer and Electronics

Computer and Electronics Paper Government Communications

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

LinkedIn declined to answer questions about the account purges, saying only that the company is constantly working to keep the platform free of fake accounts. LinkedIn declined to comment about that earlier account purge, saying only that, “We’re constantly working at taking down fake accounts.” A follow-up story on Oct.

IT

IT Information Security Cybersecurity Security

A Serial Tech Investment Scammer Takes Up Coding?

Krebs on Security

APRIL 3, 2023

But publicly available information about this company and its leadership suggests otherwise. Companies House says Mykhailov is an officer in three other companies, including one called Blackstone Corporate Alliance Ltd. According to the Swiss business tracking service business-monitor.ch , Blackstone Corporate Alliance Ltd.

Communications

Communications Marketing Security Insurance

News alert: SandboxAQ launches new open source framework to simplify cryptography management

The Last Watchdog

AUGUST 8, 2023

“Sandwich provides developers with an easy set of tools to integrate the latest cryptography standards to reduce the number of vulnerable applications that security-minded organizations have to worry about.” SandboxAQ recently launched its Security Suite which handles discovery and remediation of encryption vulnerabilities.

Libraries

Libraries Encryption Access Cybersecurity

Work Remotely Without Compromising Your Data

AIIM

JANUARY 7, 2021

A recent study commissioned by Egnyte surveyed 400 IT leaders to understand how COVID-19 has impacted businesses’ ability to maintain data security and governance with a distributed workforce. Enable Controlled Sharing: Deploy user-friendly collaboration with robust governance controls. This is about risk reduction over time.

Unstructured data

Unstructured data Government Artificial Intelligence Risk

Seiko confirmed a data breach after BlackCat attack

Security Affairs

OCTOBER 26, 2023

Seiko Group Corporation (hereinafter referred to as “the Company” or “we”) has confirmed that on July 28th of this year, the Company suffered a possible data breach. “We had previously announced on August 10, 2023, about the unauthorized access to our servers (*). This unauthorized access was the result of a ransomware attack.

Data breaches

Data breaches Ransomware Cybersecurity Personal data

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Schneier on Security

DECEMBER 5, 2023

Computers collect data about what we’re doing on them, and as both storage and processing have become cheaper, that data is increasingly saved and used. Yes, spyware companies like NSO Group help the government hack into people’s phones , but someone still has to sort through all the conversations. It’ll tell you.

Marketing

Marketing Government Data Privacy Privacy

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

APRIL 15, 2019

Wipro has refused to respond to questions about the alleged incident. 12, Nair sent a statement that acknowledged none of the questions Wipro was asked about an alleged security incident involving attacks against its own customers. On Friday, Apr. “Wipro has a multilayer security system,” the company wrote.

IT

IT Insurance Communications Phishing

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

Instead of listing data stolen from ransomware victims who didn’t pay, LockBit’s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates. This prompted several XSS members to start posting memes taunting the group about the security failure.

Ransomware

Ransomware Encryption Insurance Manufacturing

The Importance of Data Governance and Compliance

IT Governance

JUNE 21, 2022

Data governance and regulatory compliance go hand in hand. Organisations need robust governance practices if they are to stay on top of their legal requirements, while those obligations are designed to help them operate more effectively. Why is data governance important? What to include in a data governance strategy.

Compliance

Compliance Government GDPR Sales

Internet Backbone Giant Lumen Shuns.RU

Krebs on Security

MARCH 8, 2022

Lumen’s decision comes just days after a similar exit by backbone provider Cogent , and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president’s war in Ukraine. Monroe, La. ru) from the Internet. .”

Military

Military Government Risk Business Services

eDiscovery Market Leaders CloudNine & Gimmal Announce New Partnership to Extend Data Governance Capabilities

Gimmal

MARCH 8, 2023

HOUSTON, March 8, 2023 /PRNewswire/ — Gimmal, the market’s only end-to-end information governance platform, announced its partnership with leading data discovery and review platform, CloudNine. About Gimmal Gimmal is information governance, simplified. Learn more about CloudNine at www.cloudnine.com.

Marketing

Marketing Government Information governance Compliance

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

10, 2020, Citrix disclosed additional details about the incident. While the notification does not specify whether the attackers stole proprietary data about the company’s software and internal operations, the intruders certainly had ample opportunity to access at least some of that information as well. 13, 2018 and Mar.

Passwords

Passwords Access Insurance Government

Architect to operationalize your sustainability goals

IBM Big Data Hub

OCTOBER 26, 2023

A corporate sustainability report is a comprehensive document that outlines a company’s efforts, policies, practices and performance related to social, environmental and economic sustainability. Moreover, siloed software often doesn’t seamlessly integrate into a multi-hybrid cloud corporate architecture.

Analytics

Analytics IT Cloud Risk

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

The Last Watchdog

AUGUST 12, 2019

In the last year, the news media has been full of stories about vicious cyber breaches on municipal governments. From Atlanta to Baltimore to school districts in Louisiana, cyber criminals have launched a wave of ransomware attacks on governments across the country. It is not of a matter of “if” but “when.”

Cybersecurity

Cybersecurity Risk Insurance Government

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

The Last Watchdog

NOVEMBER 14, 2023

Related: How ‘Internet Access Brokers’ fuel ransomware I happened to be in the audience at Stanford University when President Obama took to the stage to issue an executive order challenging the corporate sector and federal government to start collaborating as true allies. I’ll keep watch and keep reporting.

Ransomware

Ransomware Military Government Security

AI and Mass Spying

Schneier on Security

DECEMBER 5, 2023

Computers collect data about what we’re doing on them, and as both storage and processing have become cheaper, that data is increasingly saved and used. Yes, spyware companies like NSO Group help the government hack into people’s phones , but someone still has to sort through all the conversations. It’ll tell you.

Marketing

Marketing Government Data Privacy Privacy

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. and includes this detail about how she became a self-described “old-school geek.” Maryann’s profile says she’s from Tupelo, Miss.,

Information Security

Information Security Communications IT Cybersecurity

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Hunton Privacy

JULY 5, 2022

On June 21, 2022, President Biden signed into law, the State and Local Government Cybersecurity Act of 2021 (S. 1097) (the “Cyber Workforce Program Act”), two bipartisan bills aimed at enhancing the cybersecurity postures of the federal, state and local governments.

Cybersecurity

Cybersecurity Government Education Communications

Key Takeaways on eDiscovery/eDisclosure, Info Governance and Collaboration from The Master’s Conference in London

eDiscovery Daily

AUGUST 3, 2023

Exceeding Corporate Client Expectations The first session of the conference, moderated by Richard Clark from CloudNine, focused on introducing new ways of deepening the relationship between corporate in-house and outside counsel. Notably, this collaborative approach was evident in discussions about these common challenges for U.K.-based

Government

Government Artificial Intelligence Information governance GDPR

Kevin Mitnick, Hacker Turned Cybersecurity Leader, Dies at 59

eSecurity Planet

JULY 20, 2023

Once dubbed “the world’s most wanted hacker” after his youthful exploits attacking Digital Equipment Corporation and Pacific Bell, Mitnick completed his decade-long transition to cybersecurity luminary when he joined KnowBe4 as Chief Hacking Officer and part owner in 2011. A memorial will be held August 1 in Las Vegas.

Cybersecurity

Cybersecurity Education Military Government

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

In my talk at the RSA Conference last month, I talked about the power level of our species becoming too great for our systems of governance. Talking about those systems, I said: Now, add into this mix the risks that arise from new and dangerous technologies such as the internet or AI or synthetic biology.

Risk

Risk Artificial Intelligence Government Security

A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

Data Protection Report

JANUARY 9, 2023

Read more about this development in our article: Singapore’s Court of Appeal Clarifies Right of Private Action under Singapore’s Personal Data Protection Act | Global law firm | Norton Rose Fulbright . Review of Singapore’s Cybersecurity Act 2018 and publication of report by Singapore government task-force on ransomware.

Cybersecurity

Cybersecurity Personal data Data breaches Ransomware

Information Governance: It’s What you Retain that Matters

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Trending Sources

GUEST ESSAY: NIST’s Cybersecurity Framework update extends best practices to supply chain, AI

Uber Data Breach Results in Corporate Cooperation and Executive Conviction

OpenAI Is Not Training on Your Dropbox Documents—Today

4th Annual Legal Industry Collaboration Data Survey

Two U.S. Men Charged in 2022 Hacking of DEA Portal

GUEST ESSAY: Restore Us Institute (RUI) aims to protect Americans from online harms and crimes

LinkedIn Adds Verified Emails, Profile Creation Dates

Wanted: Disgruntled Employees to Deploy Ransomware

DOJ Publishes New Corporate Compliance Guidance Related to Communications Platforms and Messaging Applications

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

Nissan Oceania data breach impacted roughly 100,000 people

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

Protecting or Posturing: What's Acceptable in New Data Privacy Practices

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

TikTok Banned on UK Government Devices

Anonymous continues to support Ukraine against the Russia

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

Rethinking Acceptable Use Polices

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

A Serial Tech Investment Scammer Takes Up Coding?

News alert: SandboxAQ launches new open source framework to simplify cryptography management

Work Remotely Without Compromising Your Data

Seiko confirmed a data breach after BlackCat attack

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Experts: Breach at IT Outsourcing Giant Wipro

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

The Importance of Data Governance and Compliance

Internet Backbone Giant Lumen Shuns.RU

eDiscovery Market Leaders CloudNine & Gimmal Announce New Partnership to Extend Data Governance Capabilities

Hackers Were Inside Citrix for Five Months

Architect to operationalize your sustainability goals

GUEST ESSAY: Why the next round of cyber attacks could put many SMBs out of business

MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level

AI and Mass Spying

Fake CISO Profiles on LinkedIn Target Fortune 500s

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Key Takeaways on eDiscovery/eDisclosure, Info Governance and Collaboration from The Master’s Conference in London

Kevin Mitnick, Hacker Turned Cybersecurity Leader, Dies at 59

On the Catastrophic Risk of AI

A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

Stay Connected