IT Governance

JULY 12, 2019

Digital Guardian recently asked a group of cyber security experts what the most important step is following a data breach. Several answered with some variation of ‘find out how it happened’. This might seem counterproductive: with so much post-breach chaos, from isolating the incident and letting staff know what’s going on to getting back to work and notifying affected individuals, surely it’s a time to be looking forward, not backward.

Data breaches 90

Data breaches Computer and Electronics Education Access 90

Schneier on Security

JULY 24, 2019

Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as "going dark." Speaking at Fordham University in New York, he admitted that adding backdoors decreases security but that it is worth it. Some hold this view dogmatically, claiming that it is technologically impossible to provide lawful access without weakening security against unlawful access.

Encryption 107

Encryption Communications Risk Access 107

Krebs on Security

JULY 24, 2019

Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views. This group specializes in encouraging others to harass those targeted by their ire, and has claimed responsibility for dozens of bomb threats and “swatting” incidents, where police are tricked into visiting potentially deadly force on the target’s address.

Government 279

Government IT Security 279

Data Breach Today

JULY 12, 2019

Settlement Stems From Cambridge Analytica Incident After a long privacy investigation, the U.S. Federal Trade Commission voted to levy a $5 billion fine against Facebook, according to the Washington Post and the Wall Street Journal.

Privacy 264

Privacy 264

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Cloud

Thales Cloud Protection & Licensing

JULY 3, 2019

I recently had the pleasure of sharing some industry insights from our 2019 Data Threat Report-Federal Edition on Cyberwire’s Daily Podcast –specifically addressing the gap in security responsibility many federal agencies face today as they move tremendous amounts of sensitive data into multicloud environments. We also discussed a new digital landscape where perimeter defense is no longer effective.

Government 120

Government Security Encryption IoT 120

IT Governance

JULY 31, 2019

Remember after last month’s relatively serene cyber security scene we said this wasn’t the beginning of the GDPRevolution ? July was bound to be a bounce-back month, but we couldn’t have expected the frighteningly high total of 2,266,042,039 breached records. Granted, a big chunk of those come from a single incident – a mammoth breach involving a Chinese smart tech supplier – but as unimaginative football commentators say, ‘they all count’.

Data breaches 111

Data breaches Ransomware Personal data Government 111

erwin

JULY 12, 2019

In light of recent, high-profile data breaches, it’s past-time we re-examined strategic data governance and its role in managing regulatory requirements. News broke earlier this week of British Airways being fined 183 million pounds – or $228 million – by the U.K. for alleged violations of the European Union’s General Data Protection Regulation (GDPR).

GDPR 110

GDPR Government Metadata Compliance 110

Krebs on Security

JULY 19, 2019

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.

Cloud 267

Cloud Ransomware Access Cybersecurity 267

Data Breach Today

JULY 12, 2019

The Cost of 'Smart Home AI Assistants': Humans Review Audio of What People Say George Orwell's "1984" posited a world in which Big Brother monitored us constantly via "telescreens." But thanks to our "smart" AI home assistants - from Google, Amazon and others - we're increasingly installing the monitoring equipment ourselves, and it may "hear" much more than we realize.

IT 271

IT 271

Advertisement

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

National Archives Records Express

JULY 1, 2019

Late last week, the Office of Management and Budget (OMB) and NARA jointly issued a new memorandum with guidance on managing Federal records. The new memo, titled Transition To Electronic Records (OMB/NARA M-19-21) is available at [link]. NARA is pleased to have the Administration’s continuing support for modernizing Federal agency recordkeeping and bringing about the necessary transformation to a fully electronic government.

Records Management 109

Records Management Government IT 109

Security Affairs

JULY 7, 2019

Yesterday, July 6, 2019, hackers breached the GitHub account of Canonical Ltd., the company behind the Ubuntu Linux distribution. On July 6, 2019, hackers have breached the GitHub account of Canonical Ltd., the organization behind the Ubuntu Linux distribution. The company immediately launched an investigation, the good news is that the source code of the popular Linux distro was not impacted. “We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credential

Security 111

Security IT Information Security 111

WIRED Threat Level

JULY 7, 2019

Opinion: Kids today have an online presence starting at birth, which raises a host of legal and ethical concerns. We desperately need a new data protection framework.

Privacy 111

Privacy Security 111

Thales Cloud Protection & Licensing

JULY 23, 2019

From taking a shower, to brewing your coffee, and watching the news, your morning routine is fueled by the energy sector. If you’re like millions of other Americans, your TV is connected to the Internet and uses technology generated from the nation’s power grid. But the energy sector also underpins our emergency and response systems, our hospitals and healthcare, our schools, our businesses, and virtually everything we do as a society.

Energy and Utilities 103

Energy and Utilities Digital transformation Encryption Systems administration 103

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

IT

Krebs on Security

JULY 22, 2019

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity.

Data breaches 262

Data breaches Security IT Sales 262

Data Breach Today

JULY 3, 2019

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks. Some researchers say the exploits could be tied to an Iranian-backed threat group.

Government 265

Government Access 265

erwin

JULY 11, 2019

At a fundamental level, digital transformation is about further synthesizing an organization’s operations and technology, so involving business architecture and process modeling is a best practice organizations cannot ignore. This post outlines how business architecture and process modeling come together to facilitate efficient and successful digital transformation efforts.

Digital transformation 106

Digital transformation Information capture Compliance Financial Services 106

Security Affairs

JULY 28, 2019

Watch out! Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 and 9.0. Playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution flaw.

Manufacturing 111

Manufacturing Security IT Information Security 111

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

WIRED Threat Level

JULY 29, 2019

VxWorks is designed as a secure, "real-time" operating system for continuously functioning devices, like medical equipment, elevator controllers, or satellite modems.

Security 110

Security 110

Thales Cloud Protection & Licensing

JULY 31, 2019

Digital payments growth. According to 451 Research, digital payment channels are expected to grow from $2.8 trillion in 2018 to $5.8 trillion in 2022. That’s seven times the rate of in-store growth. Within digital payments, mobile payment transactions are expected to overtake e-commerce transactions in 2019 and represent 55% of transactions by 2022.

Authentication 102

Authentication Security Sales Marketing 102

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. What follows is a deep dive into who may be responsible for recruiting new members to help spread the contagion.

Ransomware 262

Ransomware Passwords Marketing Manufacturing 262

Data Breach Today

JULY 2, 2019

Infected City Fires IT Manager; New Victims in Florida, Georgia More U.S. cities and other governmental units reportedly have been hit by ransomware in an unrelenting wave that has proved profitable for hackers. Here's a roundup of the latest incidents.

Ransomware 262

Ransomware IT 262

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Data Privacy

erwin

JULY 26, 2019

Enterprise architecture (EA) isn’t dead, you’re just using it wrong. Part three of erwin’s digital transformation blog series. . I’ll let you in on a little secret: the rumor of enterprise architecture’s demise has been greatly exaggerated. However, the truth for many of today’s fast-moving businesses is that enterprise architecture fails. But why?

Digital transformation 106

Digital transformation Government Data collection Cloud 106

Threatpost

JULY 3, 2019

Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.

Privacy 106

Privacy IT Data Privacy IoT 106

WIRED Threat Level

JULY 29, 2019

It occupies a spot next to 'Black Mirror' and Big Brother in popular imagination, but China’s social credit project is far more complicated than a single, all-powerful numerical score.

IT 106

IT Privacy Security 106

Schneier on Security

JULY 4, 2019

Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico. After I gave him the password to my iPhone, Moncivias spent three hours reviewing hundreds of photos and videos and emails and calls and texts, including encrypted messages on WhatsApp, Signal, and Telegram. It was the digital equivalent of tossing someone's house: opening cabinets, pulling out drawers, and overturning furniture in hopes of finding something -- any

Mining 105

Mining Passwords Encryption Communications 105

Advertisement

Gearing up for 2025 annual planning? Our latest eBook from the Operators Guild is your ultimate guide. Discover real-world solutions and best practices shared by top CFOs, drawn directly from discussions within OG’s vibrant online community. Learn from senior executives at high-growth tech startups as they outline financial planning strategies, align CEO and board goals, and coordinate budgets across departments.

Education

DLA Piper Privacy Matters

JULY 16, 2019

Today, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , “ Dutch DPA “) issued its first GDPR-fine of EUR 460,000. The fine is imposed on the Dutch Haga Hospital for having an insufficient internal security of patient records. The fact that the first GDPR-fine was imposed on a hospital isn’t a complete surprise, as already in December 2018, the Dutch DPA already announced that it would focus its enforcement actions on the public and health sector.

GDPR 104

GDPR Authentication Information Security Security 104

Data Breach Today

JULY 16, 2019

Amadeus Patches Check-In Software Used by Hundreds of Airlines A vulnerability in global airline check-in software used by 500 airlines could have been exploited to download other individuals' valid boarding passes, potentially giving them access to restricted airport spaces, warns security expert David Stubley. The flaw in Amadeus travel software has now been fixed.

Security 254

Security Access 254

Security Affairs

JULY 20, 2019

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects. Attackers have hacked SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB), and exfiltrated data about interna l projects. According to the Russian media, SyTech has been working with FSB since 2009, in particular, they contributed to several projects for FSB unit 71330 and for fellow contractor Quantum.

Data breaches 111

Data breaches Military Communications Security 111