Threatpost

NOVEMBER 8, 2019

Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies.

Data breaches 45

Data breaches Risk Privacy Security 45

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

As most of us know, IoT devices are on the rise in enterprise networks. According to McKinsey & Company , the proportion of organizations that use IoT products has grown from 13 percent in 2014 to 25 percent today. That pace is unlikely to slow down over the coming years; Pagely noted that organizations are still turning to IoT devices as a way to automate and optimize their business processes as well as save on energy costs.

IoT 122

IoT Risk Energy and Utilities Security 122

Data Matters

NOVEMBER 4, 2019

Two important decisions have recently occurred relating to website operators’ use of cookies. First, the Court of Justice of the European Union (the “ CJEU ” or the “ Court ”) has issued its judgement in Planet49, a case which looked at the standards of consent and transparency for the use of cookies and similar technologies in the context of the e-Privacy Directive and the GDPR and determined that opt-out consent, by way of a pre-ticked checkbox, was insufficient to obtain GDPR-standard consen

GDPR 76

GDPR Privacy Personal data Marketing 76

AIIM

NOVEMBER 7, 2019

I returned to downtown Washington, DC, last week to teach the AIIM Foundations of Intelligent Information Management (FIIM) course. The class started with some icebreaker exercises, including asking the students to define, in their own words, “ What is information management? ” There were some fantastic definitions generated from the students for this and other discussion questions throughout the course.

Records Management 80

Records Management Information governance Digital transformation Government 80

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Data Breach Today

NOVEMBER 8, 2019

Legislation Spells Out Privacy Rights and Enforcement Measures Two Democratic members of the U.S. House have proposed a national privacy law that calls for the formation of a new federal agency to enforce the privacy rights that it defines.

Privacy 113

Privacy IT 113

OpenText Information Management

NOVEMBER 5, 2019

Enterprise security professionals today can prevent many attacks on their organization’s endpoints, thanks to ever-improving defensive tools that work across public and private clouds as well as on premise. But would-be attackers are also continually working to step up their capabilities in the expanding IT landscape, so some attacks will inevitably slip through.

Analytics 56

Analytics Cloud Security IT 56

Krebs on Security

NOVEMBER 7, 2019

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.

Data breaches 246

Data breaches Ransomware Cybersecurity IT 246

Data Breach Today

NOVEMBER 4, 2019

Exploit Isn't a Worm, but Experts Remain Braced for Mayhem The cybersecurity community had been holding its breath in anticipation of mass attacks targeting the severe BlueKeep vulnerability in Windows, which Microsoft has patched. The first in-the-wild exploits have now been seen, although they don't appear to constitute an emergency - at least yet.

Cybersecurity 169

Cybersecurity IT 169

The Last Watchdog

NOVEMBER 6, 2019

From the start, two-factor authentication, or 2FA , established itself as a simple, effective way to verify identities with more certainty. Related: A primer on IoT security risks The big hitch with 2FA, and what it evolved into – multi-factor authentication, or MFA – has always been balancing user convenience and security. That seminal tension still exists today even as the global cybersecurity community is moving to extend MFA as a key security component in much more complex digital systems sp

Authentication 131

Authentication Cloud Digital transformation Risk 131

Advertisement

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Risk

Thales Cloud Protection & Licensing

NOVEMBER 6, 2019

In a previous blog post ( [link] ) we explored the relationship between GPDR and applications in the cloud. Trust is generally the foundation and basis of any good relationship, but when it comes to protecting your organization, sometimes a Zero Trust mentality is your best bet. Today, Zero Trust, is a tech buzz word heard often, but what is the thought process behind it?

Cloud 109

Cloud IT Security Authentication 109

AIIM

NOVEMBER 5, 2019

The dream of going paperless has been on the minds of businesses of all sizes and industries for years. The idea is simple - minimize the use of paper to reduce costs and carbon footprint while at the same time increasing operating efficiencies and profitability. But just because a concept is simple doesn’t mean it’s easy to implement. And so for many, the dream of a paperless office continues to be just that…a dream.

Libraries 92

Libraries Paper Access IT 92

Data Breach Today

NOVEMBER 8, 2019

The latest edition of the ISMG Security Report offers an analysis of how Twitter allegedly was used to spy on critics of the Saudi Arabian government. Also featured: A preview of the new NIST Privacy Framework and an update on business email compromise attacks.

Privacy 168

Privacy Government Security 168

The Last Watchdog

NOVEMBER 4, 2019

An undercurrent of discontent is spreading amongst knowledge workers in enterprises across the United States and Europe. Related: Phishing-proof busy employees White collar employees today have amazingly capable communications and collaboration tools at their beck and call. Yet the majority feel unsatisfied with narrow daily assignments and increasingly disconnected from the strategic goals of their parent organization.

Communications 130

Communications B2B Cloud Phishing 130

Advertisement

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

Security

Data Matters

NOVEMBER 8, 2019

This fall, scrutiny has increased on children’s privacy with the FTC and New York Attorney General’s announcement of the largest fine ever for violations of the Children’s Online Privacy Protection Act (“COPPA”), followed by FTC public workshops on updating the COPPA Rule. Combined with increased requirements for the sale of teen personal information under the California Consumer Privacy Act (“CCPA”), and calls for triple fines for children’s privacy violations under a potential CCPA 2.0 refere

Privacy 89

Privacy Data collection Compliance Sales 89

DLA Piper Privacy Matters

NOVEMBER 6, 2019

On 30 October 2019, the Berlin Commissioner for Data Protection and Freedom of Information ( Berliner Beauftragte für Datenschutz und Informationsfreiheit – “ Berlin DPA ”) imposed an administrative fine of about EUR 14.5 million against Deutsche Wohnen SE for infringements of the General Data Protection Regulation (GDPR). Facts and legal evaluation by Berlin DPA.

GDPR 98

GDPR Personal data Archiving Compliance 98

Data Breach Today

NOVEMBER 7, 2019

Employee Has Been Fired; 68,000 Customers Affected A Trend Micro employee stole and then sold contact information for 68,000 of the company's consumer subscribers, which led to a raft of unsolicited tech support scam calls, the company says. The employee has been fired. The incident highlights the risk of insider threats.

Risk 165

Risk 165

Security Affairs

NOVEMBER 8, 2019

Italian law enforcement shut down the ‘Berlusconi market’ black market and arrested three suspected of being its administrators. Italian financial police “Guardia di Finanza” shut down the ‘Berlusconi market’ black market hosted on the Tor network and arrested three administrators. The site was managed by two individuals that go online with nicknames of “ VladimirPutin ” with the role of administrator and “EmmanuelMacron” as moderator.

Marketing 88

Marketing Sales IT Security 88

Advertisement

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

IT

Troy Hunt

NOVEMBER 7, 2019

We're pretty much at a "secure by default" internet these days, at least that's the assumption with most websites, particularly so in the financial sector. About 80% of all web pages are loaded over an HTTPS connection , browsers are increasingly naggy when anything isn't HTTPS and it's never been cheaper nor easier to HTTPS all your things. Which meant that this rather surprised me: Let me break down what's happening here: I'm in (yet another) hotel and on complete autopilot, I start typing "xe

Passwords 87

Passwords Risk IT Security 87

DXC Technology

NOVEMBER 8, 2019

Many companies are moving to multi-cloud deployments. For example, most EMEA and North American financial services businesses are moving to multi-clouds within the next two years. Gartner reports 81 percent of surveyed public cloud users are already working with multi-clouds. But, Gartner states that multi-cloud is a subset of hybrid clouds. I disagree.

Cloud 86

Cloud Financial Services IT 86

Data Breach Today

NOVEMBER 8, 2019

Sprawling computing environments - from cloud to containers to serverless - are posing challenges in maintaining visibility and determining if data is secure, says Mike Adler of RSA.

Cloud 162

Cloud Security 162

IT Governance

NOVEMBER 7, 2019

All organisations need help complying with the GDPR (General Data Protection Regulation). You might not be able to bring in expert consultants, but there are software packages to help with the majority of your compliance requirements, from risk assessments to data breach reporting. IT Governance’s CyberComply platform contains all the software solutions you need in one bundle.

GDPR 84

GDPR Compliance Risk Cloud 84

Advertisement

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

Data Protection Report

NOVEMBER 8, 2019

The Grand Chamber of the European Court of Human Rights (ECHR) has held that Spanish shop workers’ right to privacy under Article 8(1) of the European Convention on Human Rights was not violated when their employer obtained evidence of theft from covert CCTV footage of the employees. The case involved five employees who worked as cashiers at a supermarket chain.

Privacy 79

Privacy IT 79

Hunton Privacy

NOVEMBER 6, 2019

On November 5, 2019, the Berlin Commissioner for Data Protection and Freedom of Information (“the Berlin Commissioner,” Berliner Beauftragte für Datenschutz und Informationsfreiheit ) announced that it had imposed a fine of €14.5 million (approximately $16 million) on Deutsche Wohnen SE, a prominent real estate company. This is the highest fine issued in Germany since the EU General Data Protection Regulation (“GDPR”) became applicable.

GDPR 79

GDPR Archiving Personal data Insurance 79

Data Breach Today

NOVEMBER 4, 2019

New Malware 'Messagetap' Intercepts Communications for Espionage, Researchers Say The Chinese advanced threat group APT41 is using a new espionage tool to intercept SMS messages from specific phone numbers by infecting mobile telecommunication networks, according to the security firm FireEye Mandiant.

Communications 162

Communications Security 162

Data Matters

NOVEMBER 6, 2019

The California Consumer Privacy Act (CCPA) takes effect in January. Sidley’s seasoned class action practitioners anticipate the CCPA will drive a proliferation of data- and privacy-driven suits, on multiple fronts. This webinar will explore this emerging area in consumer class action litigation and highlight concrete steps businesses can take to mitigate CCPA-related risks.

Privacy 68

Privacy Risk 68

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

Customer Experience

ARMA International

NOVEMBER 4, 2019

This article summarizes a report published by AIEF on June 3, 2019. Additionally, the article is included in Information Management Magazine, ARMA-AIEF Special Edition , which will be available for download in mid-November. A printed version of the special issue will be available as well, for a nominal fee. This article summarizes the findings of a global survey of legal retention requirements for accounting records, a category of recorded information that is created and maintained by virtually

Compliance 77

Compliance Education Government Records Management 77

Preservica

NOVEMBER 5, 2019

Preservica, the market leader in active digital preservation software, is proud to extend its support for the Emmett Leahy Award , and offer congratulations to 2019 winner, Simon Fook-Keung Chu of Hong Kong. The prestigious global award recognizes outstanding contributions by individuals for their impact in the field of records and information management.

Digital preservation 75

Digital preservation Archiving Libraries Education 75

Data Breach Today

NOVEMBER 5, 2019

Era Ends With Broadcom's Buy of Symantec's Enterprise Assets for $10.7 Billion Say hello to NortonLifeLock, as Symantec anti-virus for consumers is no more, following the sale of Symantec's enterprise assets and name to Broadcom for $10.7 billion. But can the new, pure-play consumer "cyber safety" business succeed where the combined consumer and enterprise business previously stumbled?

Sales 160

Sales 160