December, 2019

A CISO's Security Predictions for 2020

Data Breach Today

As Threats Continue to Evolve, So too Must Defenses The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

The Last Watchdog

In 2019, we’ve seen a surge in domain name service (DNS) hijacking attempts and have relayed warnings from the U.S. Cybersecurity and Infrastructure Agency, U.K.’s s Cybersecurity Centre, ICANN, and other notable security experts.

Risk 164

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

When Is Data "Public"? (And 2.5M Public Factual Records in HIBP)

Troy Hunt

When is data "public"? And what does "public" even mean? Does it mean it's merely visible to the public? Or does it mean the public can do anything they like with it? This discussion comes up time and time again as it did with the huge leak of PDL data only last month.

Insights about the first five years of Right to be Forgotten requests at Google


Right to be Forgotten” (RTBF). is a landmark European ruling that governs the delisting of personal information from search results.

Paper 71

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

Krebs on Security

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up.

More Trending

Data Protection in the Digital Transformation Era

Thales eSecurity

With more and more organizations embracing digital transformation and accelerating their pace to digitize every piece of information, they become increasingly vulnerable to sophisticated cyber-attacks and data breaches.

Do You Have the Right Stuff to Transition to Information Governance?

ARMA International

In the late 1950s, the United States invited its top test pilots to apply to become the nation’s first astronauts. As memorialized in the book The Right Stuff , test pilots then had to decide whether to transition into an uncertain-yet-vaguely-familiar new career or continue along their present path.

A study reveals the list of worst passwords of 2019

Security Affairs

Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches.

To Survive a Data Breach, Create a Response Playbook

Data Breach Today

Experts Detail Essential Systems and Procedures Every Organization Needs Now Surviving a data breach requires having a plan, and experts say such plans must be continually tested, practiced and refined. Experts detail seven essential components for building an effective data breach response playboo

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

Physical security is the protection of personnel and IT infrastructure (such as hardware, software, and data) from physical actions and events that could cause severe damage to an organization. This includes protection from natural disasters, theft, vandalism, and terrorism. Related: Good to know about IoT Physical security is often a second thought when it comes to information security.

Risk 149

5G Is More Secure Than 4G and 3G—Except When It’s Not

WIRED Threat Level

The next-generation wireless networks make it harder to track and spoof users, but security holes remain because devices still connect to older networks. Security Security / Privacy Business

IT 83

Is IoT undermining our reasonable expectation of privacy?

OpenText Information Management

In the US, the concept of the ‘reasonable expectation of privacy’ came about when the police were considered to have breached the fourth amendment by wiretapping a public phone to capture a gambling ring.

IoT 52

Ready for the New York SHIELD Act?

Data Breach Today

New Law Expands Consumer Protections and Give AG Additional Oversight While CCPA has drawn the biggest headlines when it comes to new U.S. privacy laws, businesses and consumers should also take notice of New York's SHIELD Act, which goes into effect in March 2020.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Why Ring Doorbells Perfectly Exemplify the IoT Security Crisis

WIRED Threat Level

A new wave of reports about the home surveillance cameras getting hijacked by creeps is painfully familiar. Security Security / Cyberattacks and Hacks

IoT 87

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources.

MY TAKE: Why it’s now crucial to preserve PKI, digital certificates as the core of Internet security

The Last Watchdog

For decades, the cornerstone of IT security has been Public Key Infrastructure, or PKI , a system that allows you to encrypt and sign data, issuing digital certificates that authenticate the identity of users. Related: How PKI could secure the Internet of Things If that sounds too complicated to grasp, take a look at the web address for the home page of this website. Take note of how the URL begins with HTTPS. The ‘S’ in HTTPS stands for ‘secure.’

Google warned 12K+ users targeted by state-sponsored hackers

Security Affairs

Google revealed that over 12,000 of its users were targeted by state-sponsored hackers in the third quarter of this year.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Fraud in the New Decade

Dark Reading

Like any enterprise that wants to survive, fraudsters and hackers will continue to build on past successes to fuel future growth


Mixcloud Breach Affects 21 Million Accounts

Data Breach Today

Hashed Passwords Were Leaked; No Financial Data Exposed Digital streaming platform Mixcloud says it is the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet.

Sales 264

Data Governance 2.0: The CIO’s Guide to Collaborative Data Governance


In the data-driven era, CIO’s need a solid understanding of data governance 2.0 … Data governance (DG) is no longer about just compliance or relegated to the confines of IT. Today, data governance needs to be a ubiquitous part of your organization’s culture.

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

The U.S.

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Cloud Data Security: Who Should Hold the Keys?

Thales eSecurity

Nearly half (48%) of all corporate data is stored in the cloud according to the 2019 Thales Global Cloud Security Study conducted by the Ponemon Institute.

Clop Ransomware attempts to disable Windows Defender and Malwarebytes

Security Affairs

Experts discovered a new malware dubbed Clop ransomware that attempts to remove Malwarebytes and other security products.

6 CISO New Year's Resolutions for 2020

Dark Reading

We asked chief information security officers how they plan to get their infosec departments in shape next year

The Lifecycle of Stolen Payment Data

Data Breach Today

Fiserv's Christine El Eris on How Fraudsters Sit on and Sell Stolen Card Data Even in the post-EMV era, payment card data is very much thriving on the dark web. Why is data still so accessible to fraudsters, and how can card issuers and merchants alike improve card data security?

Access 207

Cameras that Automatically Detect Mobile Phone Use

Schneier on Security

New South Wales is implementing a camera system that automatically detects when a driver is using a mobile phone. australia cameras cars phones


Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Krebs on Security

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo.

Meet the Activists Risking Prison to Film VR in Factory Farms

WIRED Threat Level

This animal liberation group actually wants to be put on trial. Their goal: force jurors to wear VR headsets and immerse them in the suffering of animals bound for slaughter. Backchannel Security Security / Security News

Risk 91

TrueDialog database leaked online tens of millions of SMS text messages

Security Affairs

Millions of SMS messages have been leaked by a database run by TrueDialog, a business SMS provider for businesses and higher education providers. Security experts at vpnMentor discovered a database belonging to the US communications company, TrueDialog that was leaking millions of SMS messages.