Privacy regulations, user satisfaction concerns and the need to prevent data breaches are driving more organizations that must authenticate users to find "a better way of ensuring that people are who they are when they are accessing critical information," says Tony Smales, CEO of Forticode.
As the European Union's General Data Protection Regulation enforcement date approaches, organizations are working to address challenges, including changing the broadly accepted definition of what constitutes personally identifiable information, says Rashmi Knowles of RSA.
What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
New PCI requirements that go into effect June 30 are pushing payment card acquirers, processors, gateways and service providers worldwide to implement more secure encryption protocols for transactions. But are they ready?
With roughly one month to go before the May 25 enforcement date, what do organizations still misunderstand about the EU's General Data Protection Regulation? John McLeod of AlienVault shares his insights on GDPR.
Jan Koum, WhatsApp's co-founder, is leaving Facebook. His departure marks another exit of a high-level privacy and security advocate. If Facebook continues to lose those who could better influence the social networking site's worrying views toward user data, what does that mean for the rest of us?
The head of the NSA's Cybersecurity Threat Operations Center says attackers haven't bothered targeting unclassified U.S. Defense Department networks with a zero-day exploit in 24 months. Instead, they attempt to exploit flaws within 24 hours of information of the vulnerability or exploit going public.
What are some of the complexities of the EU's General Data Protection Regulation, which will be enforced beginning May 25? Gerald Beuchelt, CISO at LogMeIn, offers compliance insights in an in-depth interview.
The latest iteration of the NIST Cybersecurity Framework is designed to help bring those who aren't experts into the cybersecurity conversation, says Matthew Barrett of the National Institute of Standards and Technology. He outlines the expanded scope in version 1.1
What two points do GDPR and other new regulations have in common? They put pressure on organizations to demonstrate strong security postures and mitigate third-party risk. Danny Rogers of Terbium Labs discusses how security leaders can respond.
In this edition of the ISMG Security Report: Privacy watchdogs in the EU begin enforcing GDPR in less than 30 days; are organizations ready? Also, a look at the top 10, real-world online threats facing business and financial software firm Intuit.
Yahoo, now known as Altaba, has agreed to a $35 million civil fine with the U.S. Securities and Exchange Commission to settle accusations that the search giant failed to promptly notify investors about a December 2014 data breach.
Great news: "SunTrust to offer free identity protection ... at no cost on an ongoing basis." Of course, nothing comes for free, at least for 1.5 million customers of the Atlanta bank, whose personal details may have been sold to criminals by a former employee.
As the world prepares for GDPR enforcement, a new Privacy Maturity Benchmark study finds that 65 percent of respondents say their organizations experience sales delays because of data privacy issues. Cisco's Michelle Dennedy outlines the concept of data friction.