Fri.Feb 09, 2018

article thumbnail

Strong, streamlined and secure: How to get the most out of centralized key management

Thales Cloud Protection & Licensing

With organizations around the world now deploying ever-increasing amounts of encryption solutions in an effort to ward off cybercrime, businesses are facing a combination of challenges. Whether it’s varying protection levels, differing operational techniques and policies, or juggling multiple keys, managing more than one encryption system can quickly turn into a complex web that demands time, expertise and money to manage effectively.

article thumbnail

Google Set to Name and Shame Sites Lacking HTTPS

Data Breach Today

Chrome Browser Will Flag Sites Lacking Security Communication Protocol Google is prepping its Chrome browser to brand as "not secure" every site a user tries to visit that does not use HTTPS encryption by default. The move is meant to push more sites to use HTTPS to secure communications and help block eavesdropping and man-in-the-middle attacks.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Polisis AI Reads Privacy Policies So You Don't Have To

WIRED Threat Level

Polisis, a machine-learning-trained tool, automatically produces readable charts of where your data ends up for any online service.

Privacy 100
article thumbnail

Data Breach Reporting Mandate Included in New Singapore Law

Data Breach Today

Owners of CII Must Report Incidents or Face Penalties Singapore's new cybersecurity law passed earlier this week mandates that owners of critical information and infrastructure report cybersecurity incidents to the Cybersecurity Agency. Security experts discuss organizations' readiness to comply.

article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Back to Basics: AI Isn't the Answer to What Ails Us in Cyber

Dark Reading

The irony behind just about every headline-grabbing data breach we've seen in recent years is that they all could have been prevented with simple cyber hygiene.

More Trending

article thumbnail

Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models

Threatpost

Lenovo issued a security bulletin Friday warning customers of two previously disclosed critical Broadcom vulnerabilities impacts 25 models of its popular ThinkPad laptops.

article thumbnail

DDoS Extortion and Attack Techniques

Data Breach Today

DDoS extortion comes in many forms. Campaigns over the past three years have varied in their nature and continue to evolve over even the past few months. What lessons can be learned from the latest attacks? Dennis Birchard of Akamai shares insights on the attacks and the newest defenses.

100
100
article thumbnail

Time's Just About Up to Secure the 2018 Midterm Elections

WIRED Threat Level

The first primary for the 2018 midterm elections takes place March 6—and many states are still woefully underprepared.

article thumbnail

Twitter Account Hacks in India Investigated

Data Breach Today

Experts Analyze the Difficulties in Investigating Social Media Hack Cases The Twitter accounts of several celebrities and politicians in India were recently hacked. Cybersecurity leaders discuss the challenges and risk mitigation strategies in dealing with social media attacks.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Smart review of WannaCry suggests 22 recommendations for improved cyber security across health and social care.

IT Governance

The latest review into the WannaCry ransomware attack and cyber security standards has concluded that “all health and social care organisations can, and should, have strong cyber security measures in place” as the protection of patient data is “fundamental to delivering high quality and safe services”. Highlighting the complex nature of the health and social care industry, the review, by William Smart, chief information officer for the health and social care system, details that there is no “on

article thumbnail

OCR's New Top HIPAA Enforcer Departs

Data Breach Today

What Will Be the Impact of Iliana Peters' Exit? Iliana Peters has left the Department of Health and Human Services' Office for Civil Rights just months after she was named to replace the agency's former top HIPAA enforcer, Deven McGraw. Is OCR experiencing a HIPAA brain drain?

100
100
article thumbnail

5 ways to turn data into insights and revenue with cognitive content analytics

IBM Big Data Hub

Many companies are expected to pursue data management, advanced analytics and cognitive computing to stay competitive and drive revenue. Except for a handful of leaders such as LinkedIn, Netflix, Nordstrom, Target and Verizon, most companies are still struggling to close the gap between data collection, insights and action.

article thumbnail

Lauri Love: UK Blocks Suspected Hacker's US Extradition

Data Breach Today

Leading the latest edition of the ISMG Security Report: England's Court of Appeal rejects U.S. extradition request for suspected hacker Laurie Love. Also, what took Uber and Partners Health so long to come clean about their respective data breaches?

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

8 Nation-State Hacking Groups to Watch in 2018

Dark Reading

The aliases, geographies, famous attacks, and behaviors of some of the most prolific threat groups.

82
article thumbnail

Calling Squid "Calamari" Makes It More Appetizing

Schneier on Security

Research shows that what a food is called affects how we think about it. Research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.

IT 48
article thumbnail

Information Literacy and Records Management

Brandeis Records Manager

George Despres, CRM. Program Director for University Records Management, Brandeis University. (The content in this blog reflects the opinions of the author, and not of Brandeis University.). A 1989 report by the U.S. Presidential Committee on Information Literacy states that “to be information literate, a person must be able to recognize when information is needed and have the ability to locate, evaluate, and use effectively the needed information.

article thumbnail

Weekly Update 73

Troy Hunt

I'm not entirely sure how I've gotten to the end of the week feeling completely wrung out whilst having only written the one thing, but here we are. In fairness though, I've put a heap of work into Pwned Passwords version 2 and finally completed the data set. There's some coding work and other logistics to complete before it goes live, but the plan for now is week after next so I'm looking forward to that.

article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Living in a Smart Home

Schneier on Security

In " The House that Spied on Me ," Kashmir Hill outfits her home to be as "smart" as possible and writes about the results.

article thumbnail

Cisco Confirms Critical Firewall Software Bug Is Under Attack

Threatpost

Cisco has issued patches for the vulnerability, which could be up to seven years old.

article thumbnail

Cyber Warranties: What to Know, What to Ask

Dark Reading

The drivers and details behind the growth of cyber warranties, which more businesses are using to guarantee their products.

49
article thumbnail

IBM QRadar vs Splunk: Top SIEM Solutions Compared

eSecurity Planet

While both SIEM solutions are popular industry leaders, each has its strengths and weaknesses. We take a close look at both.

IT 46
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Russian Authorities Arrest Engineers for Cryptocurrency Mining at Nuclear Weapons Site

Dark Reading

The nuclear weapons facility employees reportedly tried to mine cryptocurrency via a supercomputer.

Mining 48
article thumbnail

Change control and change management are often-overlooked security controls

Information Management Resources

Recent revelations about the Specter and Meltdown vulnerabilities and the rise in ransomware threats serve as sober reminders of how unsecure devices and systems are.

article thumbnail

Sacramento Bee Databases Hit with Ransomware Attack

Dark Reading

The Bee did not pay ransom and deleted its databases to prevent future attacks, according to its publisher.

article thumbnail

Largest insurers plan biggest IT budget increases: Celent

Information Management Resources

Carriers with more than $1 billion in premiums expect to spend 11% more on average on tech this year, survey finds.

article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

The Achilles Heel of Many Content Management Implementations

Docuware

Wikipedia is a good place to start in any post that alludes to Greek mythology:

22
article thumbnail

Malware causes EHR breach for small Tennessee hospital

Information Management Resources

Decatur County General Hospital finds cryptocurrency in records system that may have put data of 24,000 patients at risk.

Risk 30
article thumbnail

I Want to Legal Hold Your Hand

The Schedule

This guest post is by Holly Dolan, MLS, Assistant Manager of Denton County Records Management in Denton, Texas. If you would link to download copies of these valentines for your own re-use, Holly has graciously made this PDF available. At some point in their career every records manager has felt the air go sour when they’ve walked into a room. What is it about records management that sets people on edge?