Mon. Dec 03, 2018

Marriott Mega-Breach: Will GDPR Apply?

Data Breach Today

Legal Experts Suspect So, But Investigation Could Take a Year or More

Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Data Protection Regulation? With GDPR in full effect since May, organizations with data security practices face the potential of massive fines.

Jared, Kay Jewelers Parent Fixes Data Leak

Krebs on Security

The parent firm of bling retailers Jared and Kay Jewelers has fixed a bug in the Web sites of both companies that exposed the order information for all of their online customers. In mid-November 2018, KrebsOnSecurity heard from a Jared customer who found something curious after receiving a receipt via email for a pair of earrings he’d just purchased as a surprise gift for his girlfriend.

Marriott's Mega-Breach: Many Concerns, But Few Answers

Data Breach Today

Massive Breach Prompts Calls for New Data Security and Minimization Laws

Marriott's mega-breach underscores the challenges companies face in securing systems that come from acquisitions as well as simply storing too much consumer data for too long, computer security experts say. Meanwhile, the hotel giant has yet to answer many pressing data breach questions.

Experts found data belonging to 82 Million US Users exposed on unprotected Elasticsearch Instances

Security Affairs

Security experts at HackenProof are warning that open Elasticsearch instances expose over 82 million users in the United States. Elasticsearch is a Java-based search engine based on the free and open-source information retrieval software library Lucene.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Incident Response: Why a Tabletop Exercise Is Essential

Data Breach Today

Attorney Ronald Raether on Building a Cybersecurity Culture

Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders.

More Trending

Security Woes at Arizona Medicaid MCOs: Tip of the Iceberg?

Data Breach Today

Report: Medicaid Data and Systems Could Also Be at Risk at Other Medicaid MCOs

A security review of two Medicaid managed care organizations in Arizona revealed several significant access control and configuration vulnerabilities, raising concerns about whether other MCOs face similar challenges.

Have I Been Pwned - The Sticker

Troy Hunt

So today is Have I Been Pwned's (HIBP's) 5th birthday. I started this project out of equal parts community service and curiosity and then somehow, over the last 5 years it's grown into something massive; hundreds of thousands of unique sessions a day, millions of subscribers, working with governments around the world and even fronting up to testify in Congress.

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Security Affairs

Russia-linked cyber-espionage group Sofacy (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) uses BREXIT lures in recent attacks. The APT group used Brexit-themed bait documents on the same day the UK Prime Minister Theresa May announced the initial BREXIT draft agreement with the European Union (EU). “As the United Kingdom (UK) Prime Minister Theresa May announced the initial BREXIT draft agreement with the European Union (EU), iDefense analysts identified

CNIL Launches Public Consultation on Draft Standards on Data Processing for Managing Business Activities and Unpaid Invoices

Hunton Privacy

On November 29, 2018, the French Data Protection Authority (the “CNIL”) launched an online public consultation regarding two new CNIL draft standards (“Referentials”) concerning the processing of personal data to manage (1) business activities and (2) unpaid invoices. Background. Following the 2018 update to the French Data Protection Act for purposes of implementing the EU General Data Protection Regulation (“GDPR”), the CNIL may issue guidelines, recommendations or standards called “Referent

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

Filling the Cybersecurity Jobs Gap - Now and in the Future

Dark Reading

Employers must start broadening their search for experienced security professionals to include people with the right traits rather than the right skills.

How Lush could have protected its till system

IT Governance

In November, Lush – the high-street store known for its fragrant, eco-friendly beauty products – temporarily lost the ability to take card transactions after a member of the IT team “deleted the till system by accident”. As a result, Lush stores across the country could only take cash payments until the till system was restored. Announced via Twitter, the story fizzed and quickly dissolved – much like one of the company’s bath bombs.

114 Million US Citizens and Companies Found Unprotected Online

Adam Levin

The data of 114 million businesses and individuals has been discovered in an unprotected database. The information exposed included the full name, employer, email, address, phone number and IP address of 56,934,021 individuals, and the revenues and employee counts for up to 25 million business entities. Hackenproof, the Estonian cybersecurity company that found the data trove online, announced their discovery on their blog.

The GDPR: What do I need to do?

IT Governance

Although the EU General Data Protection Regulation (GDPR) has come into effect, a large number of organisations are not yet compliant. A Ponemon Institute survey found that almost half of companies would not meet the 25 May 2018 deadline. So, if you haven’t finished your compliance project or have only just started, don’t panic – you’re not alone. To help, IT Governance has created a checklist to highlight the essential steps your organisation must take in order to become GDPR compliant.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Coalition and Labor do deal on law enforcement access to encrypted messages

The Guardian Data Protection

Bill could pass this week after government agreed to restrict new powers to serious crimes

Labor and the Coalition have come to an in-principle agreement on the government’s bill to give law enforcement agencies access to encrypted communication. In a deal between the attorney general, Christian Porter, and his shadow, Mark Dreyfus, the government has agreed to limit the powers to investigation of “serious offences” and add new safeguards to agencies’ ability to demand tech companies build backd

New Zealand Security Bureau halts Spark from using Huawei 5G equipment

Security Affairs

New Zealand intelligence agency asked mobile company Spark to avoid using Huawei equipment for 5G infrastructure. According to New Zealand’s Government Communications Security Bureau, Huawei equipment for 5G infrastructure poses a “significant network security risk”; for this reason, it asked mobile company Spark to avoid using the equipment of the Chinese company.

How Would NYC's Anti-AirDrop Dick Pic Law Even Work?

WIRED Threat Level

The bill's sponsors want cyber flashers to face the same consequences as their offline counterparts, but there are technical and legal hurdles.

Better together – Digital media collaboration made simple

OpenText Information Management

Marketers, we feel your pain. You’re constantly juggling multiple projects and deadlines, working with multiple people across different departments or external agencies, and navigating complex approval processes, all while needing to deliver new creative content. That’s why we’re excited to announce an additional, intuitive way for you to collaborate on digital content with your internal and …

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

What is an ISO 27001 risk assessment methodology?

IT Governance

The ISO 27001 implementation and review processes revolve around risk assessments. This is where organisations identify the threats to their information security and outline which of the Standard’s controls they must implement. The process begins by defining a methodology, i.e. a set of rules defining how to calculate risks. Some organisations ignore this step, going straight into the assessment process, but this jeopardises their compliance posture.

5 trends that will drive machine learning projects in 2019

Information Management Resources

Machine learning adoption has been growing at a rapid pace, and there is no end in sight. Recent forecasts say pilots and implementations, as well as investments, will increase 400 percent by 2021.

Microsoft, Mastercard Aim to Change Identity Management

Dark Reading

A new partnership wants to improve how people use and manage the virtual identities that govern their lives online.

New Scam Apps Take Advantage of iPhone Touch ID

WIRED Threat Level

Touch ID is seamless, which makes it great for unlocking your phone—and for App Store scammers.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

'Influence Agents' Used Twitter to Sway 2018 Midterms

Dark Reading

About 25% of political support in Arizona and Florida was generated by influence agents using Twitter as a platform, research shows.

Improve the employee experience with OpenText People Center Release 16 EP5

OpenText Information Management

Today’s employees are, like everyone else, sophisticated consumers of information. Whether a private sector executive or a public sector staffer, employees expect the same ease of use in searching for information at work as they do when shopping online. OpenText™ People Center™ enables organizations to bring that level of user experience into the workplace, delivering …

iOS Fitness Apps Robbing Money From Apple Victims

Threatpost

The two apps, “Fitness Balance App” and “Calories Tracker app,” were tricking users into payments of $120.

Harnessing Analytical Insights and Illuminating the Physical Realm of Dark Data – An Interview with Markus Lindelow of Iron Mountain

Information Governance Perspectives

Markus Lindelow leads the IG and Content Classification Practice Group at Iron Mountain, the world's largest information management company, where he’s been pioneering breakthrough analytic techniques for over a decade. I interviewed him this November to discuss his thoughts on the evolution of metadata, content classification, AI, and how companies are using the new pillars of data science to break down their silos, help customers get lean and discover the hidden values in their big data sets.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

A New Product Helps You Get “Context” on Judge’s Opinions and Expert Witnesses: eDiscovery Trends

eDiscovery Daily

A legal analytics product being launched last week by LexisNexis analyzes the language of specific judges’ opinions to identify the cases and arguments each judge finds persuasive as well as analytics on expert witnesses. And, we remember one judge who, sadly, passed away over the weekend. According to Bob Ambrogi’s LawSites blog (‘Context,’ Launching Today from LexisNexis, Applies Unique Analytics to Judges and Expert Witnesses), the new product, Context, is “déjà vu all over again” (my sec

Privacy Blog Nominated for Best AmLaw Blog of 2018 – Please Vote to Win

Hunton Privacy

Hunton Andrews Kurth’s Privacy & Information Security Law Blog has been nominated in The Expert Institute’s 2018 Best Legal Blog Contest for Best AmLaw Blog of 2018. For nearly 10 years, our award-winning privacy blog has provided readers with current information and legal commentary on news stories; breaking international, federal and state legislation; and other issues on privacy, data protection and cybersecurity.

Chris Vickery on the Marriott Breach and a Rash of Recent High-Profile Hacks

Threatpost

In this Newsmaker Interview, ‘breach hunter’ Chris Vickery explores a recent spate of breaches from Marriott, USPS and Dell EMC.
