A Definitive Guide to Crowdsourced Vulnerability Management

Dark Reading

Knowing about a bug and actually securing it are very different things. These six steps will get you from "oh, sh*t" to fixed

Poll Results: Maybe Not Burned Out, But Definitely 'Well-Done'

Dark Reading

Staff shortages and an increasingly challenging job are turning up the heat on security pros, Dark Reading readers say

GDPR: How the definition of personal data has changed

IT Governance

With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The GDPR’s definition of personal data is also much broader than under the DPA 1998. This blog has been updated to reflect industry updates.

Year-Old Samba flaw allows escaping from the share path definition

Security Affairs

Experts discovered a year-old flaw in Samba software that could be exploited to bypass file-sharing permissions and access forbidden root shares paths.

Business Process Modeling Use Cases and Definition

erwin

What is business process modeling (BPM)? A visual representation of what your business does and how it does it. Why is having this picture important?

Redaction: Definition, Process, and When to Use It

Record Nations

Sometimes called “document sanitizing,” redaction is the process of removing sensitive information from a document.

California Consumer Privacy Act: GDPR-like definition of personal information

Data Protection Report

This blog focuses on the CCPA’s broad definition of Personal Information. The California Consumer Privacy Act (“CCPA” or the “Act”) sets a new precedent with its sweeping definition of Personal Information (“PI”). This definition of PI greatly expands on the narrow definition of what constituted PI under previous California state laws. While the definition of PI is sweeping, the Act does set out several carve outs.

Crunch Time in California – CCPA Amendments Hotly Debated and (Some) Defeated – Employee Data Is Back, Reasonable Definition of Personal Information Is Gone (For Now), and More!

Data Matters

AB 873 – Definitions of Deidentified Data and Personal Information. The bill that would have changed the definitions of “deidentified” data and “personal information” did not pass on a tie-vote, but will be reconsidered by the committee.

New Case Sheds Further Light on the Definition of Autodialer under the TCPA

Data Matters

The FCC had said in orders in 2003 and 2008 that the TCPA’s definition of auto-dialer was broad enough to cover predictive dialers. Unconstrained by the underbrush of the FCC’s earlier rulings, the court went on to interpret the statutory definition of auto-dialers. Ever since the D.C.

Nevada Expands Definition of Personal Information

Hunton Privacy

179 (the “Bill”), which expands the definition of “personal information” in the state’s data security law. lawfully made available to the general public” from the definition of personal information, the Bill narrows the scope of that exclusion, limiting it to information available “from federal, state or local governmental records.”. On May 13, 2015, Nevada Governor Brian Sandoval (R-NV) signed into law A.B.

Time for a new definition of the "composite" insurer?

CGI

So could this operating model become the new definition of a ‘composite insurer’? p.butler@cgi.com. Wed, 04/25/2018 - 09:26.

Searching for definition | ZDNet

Collaboration 2.0

Searching for definition By Oliver Marks | June 15, 2008, 10:51pm PDT Summary A recurring theme for me at the Enterprise 2.0 ′ in 2006, called on attendees to log on to Wikipedia and edit its definition.

HR’s culture shift: Tackling workplace sexual harassment while navigating legal definitions

Information Management Resources

Human resources professionals are looking to fight bad behavior driven by upper management.

The Design Thinking Process: Five Stages to Solving Business Problems

erwin

Design Thinking Definition: The Five Stages of the Design Thinking Process. The design thinking process is a method of encouraging and improving creative problem-solving. The design thinking process is by no means new.

Enterprise Architect: A Role That Keeps Evolving

erwin

Enterprise architect is a common job title within IT organizations at large companies, but the term lacks any standard definition. That’s one of the reasons the enterprise architect role has no standard definition.

FTC Issues Interim Final Rule Amending Red Flags Rule “Creditor” Definition

Hunton Privacy

On November 30, 2012, the Federal Trade Commission announced the issuance of an interim final rule (“Interim Final Rule”) that makes the definition of “creditor” in the FTC’s Identity Theft Red Flags Rule (“Red Flags Rule”) consistent with the definition contained in the Red Flag Program Clarification Act of 2010.

The Principles of Recordkeeping Primer: Accountability

The Schedule

Definitions of Accountability. Definition: A primer is a small, introductory book on a given subject. They used to be part of every child’s education. The New England Primer (ca. 1690), was the first to be printed in North America.

This is the old ChiefTech blog.: Matt's Knowledge Management definition

ChiefTech

Wednesday, 27 June 2007. Everyone has their own definition of Knowledge Management.

House Bill to Limit Scope of Red Flags Rule with Amended “Creditor” Definition

Hunton Privacy

6420 would add a more narrow definition of “creditor” to Section 615(e) of the FCRA, which currently defines creditor as “any person who regularly extends, renews, or continues credit; any person who regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who participates in the decision to extend, renew, or continue credit.”

Article 29 Working Party Proposes a Definition and Provision on Profiling Within the Proposed EU General Data Protection Regulation

Hunton Privacy

The Advice Paper sets forth the Working Party’s position that the Proposed Regulation should include a clear definition on profiling as “any form of automated processing of personal data, intended to analyse or predict the personality or certain personal aspects relating to a natural person, in particular the analysis and prediction of the person’s health, economic situation, performance at work, personal preferences or interests, reliability or behaviour, location or movements.”.

GandCrab Developers Behind Destructive REvil Ransomware

Dark Reading

Code similarities show a definite technical link between the malware strains, Secureworks says

Now Available: Webinar – Operationalizing the California Consumer Privacy Act – Key Decisions and Compliance Strategies

HL Chronicle of Data Protection

On June 20, 2019, Hogan Lovells partners Mark Brennan and Bret Cohen discussed in great detail the impact of the law, explained key definitions, and offered practical guidance on how to navigate it during the webinar, “Operationalizing the California Consumer Privacy Act.” Bret Cohen.

'Culture Eats Policy for Breakfast': Rethinking Security Awareness Training

Dark Reading

What's definitely not working with end-user cybersecurity awareness training - and what you can do about it

Capital One's Breach May Be a Server Side Request Forgery

Data Breach Today

A definitive post mortem is likely months away. SSRF Appears to Fit Scenario, But Details Are Slim. Capital One's enormous data breach is a subject of intense scrutiny as well as fear. But security professionals have ideas as to how the breach was achieved and the weaknesses that led to it.

The Infrastructure Mess Causing Countless Internet Outages

WIRED Threat Level

You may not have heard of the Border Gateway Protocol, but you definitely know when it goes wrong.

4 things to consider when setting your fast data strategy

IBM Big Data Hub

In the study, the definition of fast data starts with the technical characteristics mentioned in our last article, but there’s more to that definition

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

As a starting point, determine whether the company qualifies as a business under the CCPA’s definition or if it may be subject to the CCPA by its relationships with for-profit businesses. The CCPA’s definition for “deidentified” data differs from traditional standards.

California Consumer Privacy Act: The Challenge Ahead — Key Terms in the CCPA

HL Chronicle of Data Protection

We thus focus here on detailing some of the CCPA’s key definitional terms, organized into topical categories. As we describe below, the CCPA’s definition of “consumer” is limited to California residents.

Who’s spreading the news?

InfoGovNuggets

“Egypt Send Actress to Jail for ‘Fake News,'” The Wall Street Journal, October 1, 2018 A9. Woman posting video on Facebook claiming sexual harassment posted on Facebook sentenced to two years in jail. Publishing fake news with intent of toppling regime. Egypt has some problems with sexual harassment. Appeal expected.

NTT Security and WhiteHat Security Describe Deal

Data Breach Today

NTT's Khiro Mishra and WhiteHat's Craig Hinkley on Application Security. NTT Security has signed a definitive agreement to acquire WhiteHat Security.

Management of change

InfoGovNuggets

How do you make sure that your policies are keeping pace with law and society? “Google Changes Harassment Rule,” The Wall Street Journal, November 9, 2018 B4. Following an employee walkout over how the company handles/handled sexual harassment claims, Google will no longer require that such claims be subject to arbitration.

Cheaters

InfoGovNuggets

“Market Cheats Get Caught More Often,” The Wall Street Journal, November 1, 2018 B10. Traders manipulating prices by spoofing real futures trades are getting caught and prosecuted for criminal violations. Exchanges cooperating with enforcement authorities. If accurate information is worth X, what is inaccurate information worth?

Information economy

InfoGovNuggets

“Alternative Data Is Valued on Wall Street,” The Wall Street Journal, November 2, 2018 B1. Companies mine different types of available information to help traders. If information is worth so much, won’t someone start a business to provide it? Apparently. What should you be monitoring to understand how your customers make their purchasing decisions, or what your competitors are doing?

Loose Lips, Volume III

InfoGovNuggets

“Egypt Passes Media Law Targeting ‘Fake News,'” The Wall Street Journal, July 17, 2018 A18. Traditional media and larger social media outlets now subject to penalties for spreading fake news, defaming, or inciting hatred. Think how quiet the TV would be in the US if there was a similar law here. Oh, wait. We still have the First Amendment.

Location information

InfoGovNuggets

Apparently, if you’re on Verizon, 75 companies know where your phone is. Is that worth anything to anybody? Who owns that information and who can sell/rent it? “Third Parties Know Exactly Where You Are,” The Wall Street Journal, July 16, 2018 B4. Well, I like to have Uber and Google Maps know where I am. And FindMyPhone. Who else? Do I control that?
