Thu.Jan 23, 2020

Weathering the Privacy Storm from GDPR to CCPA & PDPA

Dark Reading

A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond

GDPR 43

Ethical Use of Data for Training Machine Learning Technology - Part 1

AIIM

This is the first part of a 3-part series on the Ethical Use of Data for Training Machine Learning Technology by guest authors Andrew Pery and Michael Simon. Part 1: Bad Things Can Come from Non-neutral Technology. AI technology is becoming pervasive , impacting virtually every facet of our lives.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Attitudes, actions around data privacy protections don't go far enough

Information Management Resources

An effective program to enable business to use data while also managing risk and ensuring compliance must reflect three interlocking components: privacy, data governance and risk management. Data privacy rules GDPR Data management

Risk 36

Emotet Malware Alert Sounded by US Cybersecurity Agency

Data Breach Today

Must-Have Defenses Include Detecting Infections and Lateral Movement, CISA Says Emotet malware alert: The U.S.

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

THSuite data leak exposes cannabis users information

Security Affairs

Experts found online an unsecured database owned by THSuite and used by point-of-sale systems in medical and recreational marijuana dispensaries.

Sales 88

More Trending

DHS Warns of Increasing Emotet Risk

Dark Reading

Emotet is considered one of the most damaging banking Trojans, primarily through its ability to carry other malware into an organization

Risk 85

Treasury Wants to Collect More Cyber Risk Details From Banks

Data Breach Today

Agency Wants to Gather More Data to Support Security of Financial Infrastructure The U.S. Treasury Department is proposing to collect more information from banks and financial markets about the cybersecurity risks they face to help ensure the security of financial infrastructure

Risk 170

The Annoying MacOS Threat That Won't Go Away

Dark Reading

In two years, the adware-dropping Shlayer Trojan has spread to infect one in 10 MacOS systems, Kaspersky says

82

FBI Warns: Beware of Spoofed Job Application Portals

Data Breach Today

Fraudsters Targeting Personal Information, Including Payment Card Details The FBI's Internet Crime Complaint Center has issued an alert warning that fraudsters are using spoofed job application portals and websites to steal personal information, including payment card details, from would-be applicants.

163
163

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Deconstructing Web Cache Deception Attacks: They're Bad; Now What?

Dark Reading

Expect cache attacks to get worse before they get better. The problem is that we don't yet have a good solution

78

Microsoft Error Exposed 250 Million Elasticsearch Records

Data Breach Today

Five Customer Service Databases Were Left Internet-Accessible for Three Weeks Microsoft accidentally internet-exposed 250 million customer support records stored in five misconfigured Elasticsearch databases, for three weeks.

Access 141

Severe Vulnerabilities Discovered in GE Medical Devices

Dark Reading

CISA has released an advisory for six high-severity CVEs for GE Carescape patient monitors, Apex Pro, and Clinical Information Center systems

74

Top 5 Life Sciences predictions in 2020

OpenText Information Management

With the patient taking center stage, digitization is gaining pace within Life Sciences. This blog looks at how digital technology is going to shape every stage of the drug lifecycle for life science and pharma companies in 2020.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Apple Abandoned Plans for Encrypted iCloud Backup after FBI Complained

Schneier on Security

This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee.

250 Million Microsoft customer support records and PII exposed online

Security Affairs

An expert discovered that over 250 million Microsoft customer support records might have been exposed along with some personally identifiable information.

Relieving the Burden of Tax Reporting

Perficient Data & Analytics

Provisioning for income tax can be a complex process for large multi-national organizations to mid-sized companies with a consistent growth mode. The tax provisioning process involves determining the current tax amounts as well as calculating the deferred roll-forward amount.

Iran-Linked PupyRAT backdoor used in recent attacks on European energy sector

Security Affairs

Hackers used a remote access Trojan (RAT) associated with Iran-linked APT groups in recent attacks on a key organization in the European energy sector.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Inside Pwn2Own's High-Stakes Industrial Hacking Contest

WIRED Threat Level

At Pwn2Own, hackers had no trouble dismantling systems that help run everything from car washes to nuclear plants—with the prize of taking home the very computers they "pwn.". Security Security / Cyberattacks and Hacks

[Guide] 3 Ways Cloud Is Modernizing Healthcare Data and Analytics

Perficient Data & Analytics

Driven by a growing need for timely information to support system interoperability and improve patient care, digital transformation in healthcare is rapidly evolving and driving the need for systems that can manage and organize large amounts of data.

NSA Offers Guidance on Mitigating Cloud Flaws

Dark Reading

A new document separates cloud vulnerabilities into four classes and offers mitigations to help businesses protect cloud resources

Cloud 58

EUROPE: The Future of AI Regulation and Data Protection

DLA Piper Privacy Matters

A white paper has been leaked which provides an interesting insight into the European Union’s plans for the future regulation of artificial intelligence (“ AI ”).

GDPR 56

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says

Dark Reading

Attackers 'weaponized' Active Directory to spread the ransomware

Top technology predictions for the energy industry in 2020

OpenText Information Management

Uncertainty has become the new norm in the energy industry and 2020 promises more of the same.

Man pleads guilty for keeping classified records after employment via the Washington Post

IG Guru

This article brings to light the importance of ensuring access controls are in place for contractors and that vendors follow information handling best practices with their employees.

Think Outside of the Gartner Magic Quadrant for Master Data Management Solutions to Deliver Connected Customer Experiences

Reltio

Customer experience. It’s one of the buzziest terms in business. And it should be. If you haven’t come to the conclusion that CX matters, volumes of research quantifies the value of providing an exceptional - or even decent - customer experience, and the perils of getting it wrong. .

Microsoft suffers data breach affecting up to 250 million people

IT Governance

Microsoft has confirmed a massive data breach affecting anonymised data held on its customer support database. Up to 250 million records were exposed online between 5 and 31 December as a result of the tech giant failing to implement proper protections. The information, which includes email addresses, IP addresses and support case details, was held on leaky Elasticsearch servers.

AI-powered business intelligence: The future of analytics

IBM Big Data Hub

Teasing new O'Reilly thought leadership report being published this week. Will need help on 3 images used to drive to blog

Cisco Warns of Critical Network Security Tool Flaw

Threatpost

The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls. Vulnerabilities Web Security Cisco critical flaw CVE-2019-16028 Firepower Management Center firewall LDAP Lightweight Directory Access Protocol Network security security solution

ISO 27001 management review: a practical guide

IT Governance

As part of their ISO 27001 compliance, organisations must conduct management reviews to address any emerging information security trends and to ensure that their ISMS (information security management system) works as intended. Unfortunately, there’s a mistaken belief that the review is only necessary as part of the certification audit. That couldn’t be further from the truth, as we explain in this blog. The purpose of the ISO 27001 management review.

Risk 50