Thu.May 24, 2018

article thumbnail

A Data Protection Officer's Guide to the Post-GDPR Deadline Reality

Dark Reading

The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.

GDPR 50
article thumbnail

How to document the scope of your ISMS

IT Governance

If you’re planning to implement an information security management system (ISMS), you’ll need to document the scope of your project – or, in other words, define what information needs to be protected. There will almost certainly be more information and more locations where information is kept than you initially think of, so it’s essential that you take the time to scope your organisation.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

NARA’s Federal Electronic Records Modernization Initiative: An Overview

The Schedule

Today’s post comes from NARA’s Office of the Chief Records Officer. . The National Archives and Records Administration (NARA) launched the Federal Electronic Modernization Initiative (FERMI) to help agencies procure the services and solutions they need to manage their electronic records. We are approaching this in a few different ways. While Federal agencies may have different missions, structures, and resources, they do have common needs for managing their electronic records.

article thumbnail

FBI Seizes Domain Controlling 500,000 Compromised Routers

Data Breach Today

Sinkholing Should Help Mitigate 'VPN Filter' Outbreak At least 500,000 routers, mostly located in Ukraine, have been infected with "VPN Filter" malware that experts believe is a prelude to a massive cyberattack. But the FBI has reportedly sinkholed the control domain for the router botnet, which should help contain the potential damage.

189
189
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

How to solve four common challenges when outsourcing records to the cloud – Part 2

TAB OnRecord

In last week’s blog post we explored some of the common challenges faced by organizations when storing records in the cloud. We learned that when looking for a cloud storage provider, you need to consider issues of compliance and legal control over records. In part two of our post, we explore two more challenges and [.] Read More. The post How to solve four common challenges when outsourcing records to the cloud – Part 2 appeared first on TAB Records Management Blog | TAB OnRecord.

Cloud 103

More Trending

article thumbnail

Sites block EU users before GDPR takes effect

The Guardian Data Protection

Users and clients of Instapaper, Unroll.me and Ragnarok Online among those affected With less than a day until the General Data Protection Regulation (GDPR) comes into effect, a growing number of companies are taking the nuclear option to ensure compliance: blocking all European users from their servers. Instapaper, a read-later service owned by the US firm Pinterest, became the latest to disconnect European customers on Thursday.

GDPR 102
article thumbnail

Medical Device Cybersecurity: A Progress Report

Data Breach Today

How much progress has the healthcare sector made in the last 10 years addressing medical device cybersecurity issues? And what action is still needed? Ben Ransford, a principal researcher in a groundbreaking 2008 report about cardiac device cyber risks, offers his assessment.

article thumbnail

Don’t Freak Out About That Amazon Alexa Eavesdropping Situation

WIRED Threat Level

You should certainly understand the risks of having a smart speaker in your home, but there’s a perfectly good explanation for how that rogue message might have gotten sent.

Risk 82
article thumbnail

Chaos on the Cheap: 'Fancy Bear' Malware Weaponizes Routers

Data Breach Today

Without New Safety Standards for Software, Experts Say Such Attacks Will Continue A swift FBI sinkhole blunted an apparently imminent attack against Ukraine via "VPN Firewall" malware, which has infected more than 500,000 routers. But mass router compromises will continue so long as manufacturers fail to build in easy or automated patching and updating, security experts warn.

article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

Businesses resort to desperate emailing as GDPR deadline looms

The Guardian Data Protection

As regulations come into force on Friday, inboxes fill with messages hoping to persuade customers to stay subscribed As the GDPR deadline approaches, businesses have been resorting to ever more desperate attempts to get users to open their emails. Some have opted for humour. Restaurant chain Wahaca asked users if they could “taco bout your data and your emails”.

GDPR 73
article thumbnail

GDPR Day is Here!

Data Matters

Whether you are marking today with a glass of champagne, a shot of whiskey, or a hot cup of tea, today marks a significant day for privacy professionals world-wide. Here’s to all of the privacy professionals who have put in so many hours to prepare for the GDPR, fully effective as of Friday May 25, 2018 at midnight in Brussels; that is 6 PM eastern on Thursday, May 24th for toasting purposes.

GDPR 60
article thumbnail

Liberation day! Don’t email me. I sure won’t be emailing you | Charles Arthur

The Guardian Data Protection

Today, happily, the EU’s General Data Protection Regulation comes into force. It’s the data detox we’ve been waiting for As from today you have the perfect excuse. “I haven’t been in touch because you didn’t respond to my last email – you know, the one where I said that you had to specifically opt in if you wanted further communications? Anyway, Mum, how was your week?

GDPR 69
article thumbnail

Most Expensive Data Breaches Start with Third Parties: Report

Dark Reading

Data breach costs increased 24% for enterprise victims and 36% for SMBs from 2017 to 2018, researchers found.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

Doctor, I think I have GDPR fatigue: Chips with Everything podcast

The Guardian Data Protection

The General Data Protection Regulation is coming into into force. Jordan Erica Webber finds out how the deluge of emails could be a health hazard Subscribe and review: Acast , Apple , Spotify , Soundcloud , Audioboom , Mixcloud. Join the discussion on Facebook , Twitter or email us at chipspodcast@theguardian.com. The General Data Protection Regulation is coming into force.

GDPR 64
article thumbnail

Business continuity leads to long-term success

IT Governance

If you want proof that it’s worth investing in a business continuity management system (BCMS), ask an organisation that’s had one in place for a few years. They will tell you that, once your BCMS has matured, it will form an essential part of your cyber security posture. The Business Continuity Institute’s Horizon Scan Report 2018 found that 44% of respondents have had a BCMS for more than five years, and of those, 86% are planning to maintain or increase their investment levels in 2018.

article thumbnail

Arizona Amends Data Breach Notification Law

Hunton Privacy

On April 11, 2018, Arizona amended its data breach notification law (the “amended law”). The amended law will require persons, companies and government agencies doing business in the state to notify affected individuals within 45 days of determining that a breach has resulted in or is reasonably likely to result in substantial economic loss to affected individuals.

article thumbnail

Highlights from Cloud Expo Asia Hong Kong 2018

Thales Cloud Protection & Licensing

The rules of risk taking. What kind of person are you? Are you a risk taker or someone who like to play it safe? Is your organization one that takes risk, or is it risk averse? Let’s take digital transformation , for example. Most organizations want to embrace it, but feel constricted due to data privacy concerns and compliance regulations. However, companies that can’t or won’t find a path forward run the risk (pun intended!

Cloud 48
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

DOJ Sinkholes VPNFilter Control Servers Found in US

Dark Reading

The US Department of Justice said the move aims to thwart the spread of the botnet as part of its investigation into Russian nation-state hacking group APT28 aka Fancy Bear.

IT 50
article thumbnail

New Pluralsight Course: Bug Bounties for Companies

Troy Hunt

Try publishing something to the internet - anything - and see how it long it takes before something nasty is probing away at it. Brand new website, new domain and it's mere hours (if not minutes) before requests for wp-admin are in the logs. Yes, I know it's not a Wordpress site but that doesn't matter, the bots don't care. But that's just indiscriminate scanning, nothing personal; how about deliberate and concerted attacks more specifically designed to get into your things?

article thumbnail

More Than Half of Users Reuse Passwords

Dark Reading

Users are terrible at passwords and the problem is only getting worse, according to an expansive study of more than 100 million passwords and their owners.

article thumbnail

Bigger and better: OpenText at Sapphire 2018

OpenText Information Management

Sapphire 2018 is rapidly approaching. In just over 3 weeks OpenText™ will once again be attending and presenting at Sapphire and as always this year is bigger and better than ever before. We will be celebrating winning the Pinnacle Award for SolEx partner of the year for the 11th year running. To put this achievement … The post Bigger and better: OpenText at Sapphire 2018 appeared first on OpenText Blogs.

Cloud 45
article thumbnail

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

article thumbnail

Amazon Comes Under Fire for Facial Recognition Platform

Threatpost

Privacy advocates say facial recognition can be an agent of authoritarian surveillance; others say it's an invaluable tool to combat kidnapping, locate lost children and track down criminals on the run.

Privacy 45
article thumbnail

Navy Federal Credit Union Names Toshiba Official Document Solutions Provider

Info Source

LAKE FOREST, Calif. (May 24, 2018) — Toshiba America Business Solutions today announced it is the official document solutions partner of Navy Federal Credit Union. Under terms of the multi-year agreement, Toshiba will implement its next-generation e-STUDIO copiers supported by the company’s industry-recognized managed print services throughout the world’s largest credit union’s 316 worldwide branches.

article thumbnail

Intel’s ‘Virtual Fences’ Spectre Fix Won’t Protect Against Variant 4

Threatpost

The new hardware-based protections Intel announced earlier in March it was embedding into new chips will only protect against Spectre and Meltdown – but not the newly disclosed Variant 4, sources said.

IT 44
article thumbnail

Malwarebytes Buys Binisoft for Firewall Management

Dark Reading

Vendor plans to integrate Binisoft's Windows Firewall Control into the Malwarebytes endpoint protection platform.

49
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

What Will GDPR’s Impact Be On U.S. Consumer Privacy?

Threatpost

GDPR may be going in effect Friday, but U.S. citizens have a ways to go before seeing similar privacy regulations from the U.S government.

Privacy 44
article thumbnail

Privacy Survey Says: Americans Don't Want to Sell Their Data

Dark Reading

A new survey shows the extent to which Americans are reluctant to sell their personal information for any price.

Privacy 45
article thumbnail

EDRM Needs Your Input on its TAR Guidelines: eDiscovery Best Practices

eDiscovery Daily

I’m here in Durham, NC at the annual EDRM Spring Workshop at Duke Law School and, as usual, the Workshop is a terrific opportunity to discuss the creation of standards and guidelines for the legal community, as well as network with like minded people on eDiscovery topics. I’ll have more to report about this year’s Workshop next week. But, one part of the Workshop that I will touch on now is the release of the public comment version of EDRM’s Technology Assisted Review (TAR) Guidelines.