Thu.Dec 06, 2018

Emails Expose Sensitive Internal Facebook Discussions

Data Breach Today

Material Gives Insight Into Company's Views on Data Security

A batch of documents meant to be kept under court seal lay bare Facebook's strategic brokering of access to user data to reward partners and punish potential rivals. The material also demonstrates Facebook's views at the time on privacy and the risks of leaking data.

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

The Last Watchdog

The United States Intelligence Community, or IC, is a federation of 16 separate U.S. intelligence agencies, plus a 17th administrative office. The IC gathers, stores and processes large amounts of data, from a variety of sources, in order to provide actionable information for key stakeholders. And, in doing so, the IC has developed an effective set of data handling and cybersecurity best practices.

Cyber Exposure: How to Discover, Measure and Reduce Your Risk

Data Breach Today

Tenable's Diwakar Dayal on Benchmarking the Success of Your Security Posture

How does an organization measure cybersecurity success? For too many, it's simply the absence of a breach. But Diwakar Dayal of Tenable proposes ways to measure a cybersecurity posture, benchmark it against peers and use the metrics to create a report card and reduce cyber risk.

Your Personal Data is Already Stolen

Schneier on Security

In an excellent blog post, Brian Krebs makes clear something I have been saying for a while: Likewise for individuals, it pays to accept two unfortunate and harsh realities: Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes - even your credit file.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Does HIPAA Need to Be 'Modernized'?

Data Breach Today

AMIA, AHIMA Want to Update What's Covered Regarding Patients' Access to Their Data

Two health IT professional associations are urging Congress to "modernize" HIPAA to extend patients' rights to securely access, view, download and transmit their health information - including health data not currently covered under HIPAA. Regulatory experts size up whether the proposed changes are feasible.

Take Your Security With You From On-Premises to the AWS Cloud

Data Breach Today

Find out all the benefits of using one security solution across your on-premises data center and AWS cloud workloads. Get expert insight on use cases, informative real-world examples, and more about how the cloud services hub/Transit VPC Solution leverages the cloud's scalable network to provide security services throughout the enterprise. Watch this video to learn more.

Customers lose confidence – data breaches aren’t just about fines

IT Governance

A recent survey by Ping Identity shows that customers move away from brands that have suffered data breaches. Data breaches are now a common occurrence – big-name brands affected in 2018 include FIFA, British Airways, Vision Direct, Eurostar and Marriott. These are just a few of the household names that have suffered at the hands of criminal hackers this year and are under ongoing investigation; any penalties have yet to be confirmed.

MDR: What to Ask When Choosing a Vendor

Data Breach Today

Sharda Tickoo of Trend Micro on the Essentials of Managed Detection and Response

Hampered by insufficient tools and skills, many organizations are now investing in managed detection and response solutions. What questions should they ask when selecting a partner? Sharda Tickoo of Trend Micro shares insights.

DHS and FBI published a joint alert on SamSam Ransomware

Security Affairs

The US Department of Homeland Security (DHS) and the FBI issued a joint alert on SamSam attacks targeting critical infrastructure. The US Department of Homeland Security (DHS) and the FBI published a joint alert on the activity associated with the infamous SamSam ransomware. The SamSam hackers extorted over 200 organizations, including public institutions, municipalities, and hospitals; they have caused over $30 million in losses.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Auditing your GDPR practices

IT Governance

Follow our advice to make sure your organisation is GDPR-compliant and avoids disciplinary action. After a relatively quiet few months, the EU GDPR (General Data Protection Regulation) is back in the news. Organisations have been waiting uneasily since the dramatics of the 25 May 2018 compliance deadline, wondering what the Regulation will look like in practice and whether its much-discussed fines will become a reality.

Evidence in Marriott’s subsidiary Starwood hack points out to China intel

Security Affairs

According to a report published by Reuters, the massive Marriott data breach was carried out by Chinese state-sponsored hackers. According to Reuters, people investigating the Marriott data breach believe that it is the result of a cyberattack carried out by Chinese hackers. Last week Marriott International announced that hackers compromised the guest reservation database at its subsidiary Starwood hotels and stole personal details of about 500 million guests.

Why drones are revolutionizing asset inspection in oil and gas

OpenText Information Management

In my previous blog, I looked at operational excellence in oil and gas. In its Oil and Gas Trends 2018-19, PwC suggests that companies should ‘double down’ on digitization to drive operational excellence, citing the use of drones to inspect offshore platforms as a key example. So, how can you make the most of drones within …

Bringing Compliance into the SecDevOps Process

Dark Reading

Application security should be guided by its responsibility to maintain the confidentiality, integrity, and availability of systems and data. But often, compliance clouds the picture.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Ukraine’s SBU: Russia carried out a cyberattack on Judiciary Systems

Security Affairs

Ukraine is accusing Russian intelligence services of carrying out cyberattacks against one of its government organizations. Ukraine’s security service SBU announced that it had blocked a cyber attack launched by Russian intelligence aimed at breaching information and telecommunications systems used by the country’s judiciary. Attackers launched a spear phishing attack using messages purporting to deliver accounting documents.

Kubernetes Vulnerability Hits Top of Severity Scale

Dark Reading

The security issue strikes at some of the basic reasons for the rising popularity of containers as an architecture and Kubernetes as an orchestration mechanism.

The Proven SD-WAN Choice of Global Enterprises

Data Breach Today

Modernizing patient engagement at Emma Children’s Hospital

Jamf

Emma Children’s recently began replacing wall-mounted monitors with iPad devices to better serve patients and streamline clinical communications. Read their incredible story.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Five tips for getting the most out of your records digitization pilot

TAB OnRecord

Although most organizations can agree that pilot projects in general have beneficial outcomes, your pilot project can run into numerous pitfalls if you do not get the basics quite right. Here are five tips to help you accurately execute the fundamentals so your project can start out on the right foot. Tip #1 – Choose […]

Adobe Flash Zero-Day Spreads via Office Docs

Dark Reading

Adobe has patched a zero-day in its Flash player after attackers leveraged the exploit in an active campaign.

2019 IT Security Outlook: New Attack Vectors Will Emerge

eSecurity Planet

Our 2019 IT security predictions: Encryption will lose its luster, cloudjacking and containers will be growing risks, and more.

A hierarchy of data security controls

Thales Cloud Protection & Licensing

For most enterprise IT security professionals, there are some common reasons that we need to protect a given data set. For the most part, they fall into a few easy categories: Meeting a compliance or regulatory requirement. Implementing best practices. Minimizing the chance of a data breach of PII. Protecting sensitive financial data, intellectual property or secrets.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

A deeper dive into intelligent recommendations

OpenText Information Management

Intelligent recommendations, or recommendation engines as they are also called, are everywhere. As digital consumers, we experience them when we buy merchandise on Amazon, pick a show to watch on Netflix or scan curated content feeds on social media. They are algorithms that analyze data about users, items, and interactions between users and items and …

Infected WordPress Sites Are Attacking Other WordPress Sites

Threatpost

Researchers identified a widespread campaign of brute force attacks against WordPress websites.

7 Common Breach Disclosure Mistakes

Dark Reading

How you report a data breach can have a big impact on its fallout.

If I receive one more irrelevant voucher…

OpenText Information Management

It seems that every week companies are trying to secure my loyalty with great discounts and vouchers. They would be great if they reflected my interests and lifestyle, but too often they don’t – which makes you wonder if the companies understand their customer at all. With such fierce competition in financial services, companies need …

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

The impact of GDPR on cybersecurity managers

Information Management Resources

Among the many unclear implications of GDPR, the vaguest might be how to ensure compliance with the security requirements, including data protection by design and by default.

Facebook Defends Data Policies On Heels of Incriminating Internal Docs

Threatpost

The company allegedly tried to hide away new policy changes that would collect Android app users' call and message logs.

3 top cybersecurity predictions for 2019

Information Management Resources

This year saw the number of breaches increase, and data from enterprises, public utilities and even the Pentagon was leaked by the millions of records. We can expect the picture to get worse in 2019.