Provisions in legislation introduced by Sen. Richard Blumenthal, D-Conn., target companies that store online data for more than 10,000 people to assure their customers' personally identifiable information is protected.
Facial recognition technology could prove to be an effective way to authenticate individuals seeking entry to secured buildings or databases storing sensitive information. But the biometric technology already is being abused, and IT security managers employing facial recognition should be careful to encrypt the...
It is no longer enough for information security professionals to secure critical information. They also need to be asking about the legitimacy of where this information comes from, says John Colley, managing director of (ISC)2 in EMEA.
NIST's Ron Ross points out that its seminal security control guidance, Special Publication 800-53, contains only one privacy control, requiring agencies to conduct a privacy impact assessment. That will change by year's end.