Wed. Oct 26, 2022

Train Your Team to Ensure You Achieve ISO 27001 Certification

IT Governance

Implementing an ISO 27001-compliant ISMS (information security management system) can seem complex, and it’s often difficult to know how the Standard’s specifications should be applied to your organisation. Failure to understand or comply with the requirements of the Standard could jeopardise your implementation project. This will likely mean you fail the certification audit, potentially costing your organisation dearly.

Federal Tally Reaches 5,000 Health Data Breaches Since 2009

Data Breach Today

More People Affected by Breaches Than Total US Population

The federal tally of health data breaches reached a new milestone this week: Since its inception in September 2009, more than 5,000 major incidents have been posted to the Department of Health and Human Services' HIPAA breach "wall of shame."

Don’t Let High-Tech Distract You from Low-Tech

KnowBe4

Deepfakes, the realistic and thoroughly convincing fabrication of imagery, video, and audio that fakes the identity of some person in ways that are difficult to detect, have aroused concern recently. They seem to open the prospect of extraordinarily effective disinformation and social engineering campaigns. Deepfakes have already found their way into advertising campaigns.

Cybereason Lays Off Another 200 Workers Amid Report of Sale

Data Breach Today

Cybereason's Latest Layoffs Come Less Than 5 Months After Company Cut Staff by 10%

Cybereason has carried out another round of layoffs, axing 200 workers just days after a report that the endpoint security vendor is pursuing a sale. The company plans to reduce its staff by 17% - or 200 employees - less than five months after laying off 10% of its workforce.

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

The Anticipant Organization

OpenText Information Management

Imagine if the world went dark and there were no internet. Even for a day. For a week. Consider the massive fallout for organizations everywhere. Digitalization has morphed from a useful function to a bedrock of society. It is at the center of all future growth. But as our technology advances beyond human limits, carrying …

More Trending

OpenSSL to fix the second critical flaw ever

Security Affairs

The OpenSSL Project announced an upcoming update to address a critical vulnerability in the open-source toolkit. The OpenSSL Project announced that it is going to release updates to address a critical vulnerability in the open-source toolkit. Experts pointed out that it is the first critical vulnerability patched in the toolkit since September 2016. “The OpenSSL project team would like to announce the forthcoming release of OpenSSL version 3.0.7.

Zero-Day Hoarding Aids Advanced Spyware, PEGA Committee Told

Data Breach Today

Google's Shane Huntley Urges EU to 'Lead a Diplomatic Effort' to Curb Spyware

The problem of zero-day exploits used by advanced spyware makers such as NSO Group is an urgent problem requiring government intervention, a Google cybersecurity executive told the European Parliament committee investigating member nations' use of the Pegasus spy app.

Why Retail Stores Are More Vulnerable Than Ever to Cybercrime

Dark Reading

When we think about cybercrime and retail it is natural to focus on websites being targeted with attacks. Indeed, there has been a shocking rise in the number of cyberattacks perpetrated against online retailers in the past year. Dakota Murphey explains why store owners and security managers need to also protect their physical locations from the cyber threat, too, however.

[APPLY TODAY] Security Awareness Training Eligible for $185 million DHS Cybersecurity Grant Opportunity

KnowBe4

The Department of Homeland Security (DHS) is providing $185 million of grant money this year to U.S. states and territories to bolster their cybersecurity defenses, which includes security awareness training. The program will provide $1 billion over the next four years to help states and territories become more resilient to cyber threats.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited

Security Affairs

Cisco warns of active exploitation attempts targeting two vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows. Cisco is warning of exploitation attempts targeting two security flaws, tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), in the Cisco AnyConnect Secure Mobility Client for Windows. Both vulnerabilities are dated 2020 and are now patched.

CIPL Publishes White Paper on Protecting Children’s Data Privacy

Hunton Privacy

On October 20, 2022, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth published a white paper entitled Protecting Children’s Data Privacy, Policy Paper I, International Issues and Compliance Challenges. The paper identifies and explores the key issues and challenges that organizations and data protection authorities face in the context of globally divergent legal standards and policy approaches relating to children’s data.

JNUC 2022: Media Q&A recap

Jamf

Following the JNUC Keynote, executives from Google, Okta, AWS, Jamf, SwiftConnect and HID came together with Jamf CEO Dean Hager for an exclusive press Q&A session. During the session, panelists explained how they’re all working together to make today’s work- (and learn-)from-anywhere movement function without a hitch, while striking the perfect balance between security and privacy.

Australia Increases Fines for Massive Data Breaches

Schneier on Security

After suffering two large, and embarrassing, data breaches in recent weeks, the Australian government increased the fine for serious data breaches from $2.2 million to a minimum of $50 million. (That’s $50 million AUD, or $32 million USD.) This is a welcome change. The problem is one of incentives, and Australia has now increased the incentive for companies to secure the personal data of their users and customers.

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

See Tickets discloses data breach, customers’ credit card data exposed

Security Affairs

International ticketing services company See Tickets disclosed a data breach that exposed customers’ payment card details. Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details. Threat actors were able to steal payment card data by implanting a software skimmer on its website.

Cisco Warns AnyConnect VPNs Under Active Cyberattack

Dark Reading

Older bugs in the AnyConnect Secure Mobility Client are being targeted in the wild, showcasing patch-management failures.

VMware fixes critical RCE in VMware Cloud Foundation

Security Affairs

VMware addressed a critical remote code execution vulnerability in VMware Cloud Foundation tracked as CVE-2021-39144. VMware has released security updates to address a critical vulnerability, tracked as CVE-2021-39144 (CVSSv3 9.8), in VMware Cloud Foundation. VMware Cloud Foundation is the industry’s most advanced hybrid cloud platform. It provides a complete set of software-defined services for compute, storage, networking, security and cloud management to run enterprise apps—traditional

One Step Forward, Two Steps Back: FDA’s Final Guidance on Clinical Decision Software Raises More Questions Than Answers

Data Matters

Recently, the U.S. Food and Drug Administration (FDA) published a suite of guidance documents relating to software, automation, and artificial intelligence. One guidance document in particular, addressing clinical decision support (CDS) software, may signal a tightening in FDA’s oversight on software tools with artificial intelligence and machine learning (AI/ML) that could introduce confusion and frustrate innovation in this important, fast-developing area.

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

A popular British hacker was charged by the U.S. authorities for allegedly running ‘The Real Deal’ dark web marketplace. The British hacker Daniel Kaye (aka Bestbuy, Spdrman, Popopret, UserL0ser) (34) was charged by the U.S. DoJ for allegedly running ‘The Real Deal’ dark web marketplace. The man was charged with access device fraud and money laundering conspiracy. “Kaye allegedly operated The Real Deal, a Dark Web market for illicit items, including stolen a

Apple MacOS Ventura Bug Breaks Third-Party Security Tools

WIRED Threat Level

Your anti-malware software may not work if you upgraded to the new operating system. But Apple says a fix is on the way.

US charges Ukrainian man with Raccoon Infostealer operation

Security Affairs

US authorities charged a Ukrainian man with computer fraud for allegedly infecting millions of computers with Raccoon Infostealer. The US Justice Department charged a Ukrainian man, Mark Sokolovsky (26), with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The man is currently being held in the Netherlands; he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer.

4 Reasons Open Source Matters for Cloud Security

Dark Reading

When we depend on an open commons as our computing foundation, we need it to be secure, and the most effective way to do that is through open solutions.

How to Migrate From DataStax Enterprise to Instaclustr Managed Apache Cassandra

If you’re considering migrating from DataStax Enterprise (DSE) to open source Apache Cassandra®, our comprehensive guide is tailored for architects, engineers, and IT directors. Whether you’re motivated by cost savings, avoiding vendor lock-in, or embracing the vibrant open-source community, Apache Cassandra offers robust value. Transition seamlessly to Instaclustr Managed Cassandra with our expert insights, ensuring zero downtime during migration.

A Pro-China Disinfo Campaign Is Targeting US Elections—Badly

WIRED Threat Level

The suspected Chinese influence operation had limited success. But it signals a growing threat from a new disinformation adversary.

The human dimension of cybercrime

OpenText Information Management

It’s called cybercrime, but humans are at its core, and understanding how they operate is essential for combatting their actions. While traditional cybersecurity tactics focused on rules established around the common patterns of usage on the enterprise network, today’s best practices go well beyond that approach. OpenText’s Managed Extended Detection and Response (MxDR) provides active …

Open Source Is Just the Tip of the Iceberg in Software Supply Chain Security

Dark Reading

As more of the software stack consists of third-party code, it's time for a more-advanced open source vetting system.

What you should do now in light of the Privacy Reform bill

Data Protection Report

Major privacy law reform in Australia gathered pace this week, with newly tabled legislation proposing to significantly increase penalties for privacy breaches, among other reforms. Now is the time to start asking questions. In preparation for these reforms, companies that collect and process personal information should be asking the following questions: Do we know what data assets we have, and the purpose of collecting and processing the information – a Data Asset Inventory?

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

Dark Reading Launches New Section Dedicated to ICS/OT Security

Dark Reading

ICS/OT Security joins the lineup of 14 cybersecurity topic sections on the media site.

Passkeys Are Being Pushed in a Big Way

KnowBe4

There is a good chance that you and nearly everyone else will be using passkeys in the near future.

Worth your time: Watch OpenText World 2022 on-demand

OpenText Information Management

Earlier this month, we brought together the best minds in information management at OpenText World 2022 in Las Vegas. Over three days, attendees explored more efficient, collaborative, and innovative solutions to solve today’s business challenges. The in-person conference may be over, but you can still catch a lot of the great content from OpenText World …
