Makers of internet of things devices - especially those that handle health information - must implement protections into their product development lifecycle to effectively safeguard consumers' data, says regulatory attorney Elliot Golding.
The latest iteration of the NIST Cybersecurity Framework is designed to help bring those who aren't experts into the cybersecurity conversation, says Matthew Barrett of the National Institute of Standards and Technology. He outlines the expanded scope in version 1.1
What two points do GDPR and other new regulations have in common? They put pressure on organizations to demonstrate strong security postures and mitigate third-party risk. Danny Rogers of Terbium Labs discusses how security leaders can respond.
In this edition of the ISMG Security Report: Privacy watchdogs in the EU begin enforcing GDPR in less than 30 days; are organizations ready? Also, a look at the top 10, real-world online threats facing business and financial software firm Intuit.
Federal regulators are proposing an overhaul to the "meaningful use" electronic health record incentive program. But current program requirements for conducting a security risk analysis would stick.
Yahoo, now known as Altaba, has agreed to a $35 million civil fine with the U.S. Securities and Exchange Commission to settle accusations that the search giant failed to promptly notify investors about a December 2014 data breach.
Great news: "SunTrust to offer free identity protection ... at no cost on an ongoing basis." Of course, nothing comes for free, at least for 1.5 million customers of the Atlanta bank, whose personal details may have been sold to criminals by a former employee.
As the world prepares for GDPR enforcement, a new Privacy Maturity Benchmark study finds that 65 percent of respondents say their organizations experience sales delays because of data privacy issues. Cisco's Michelle Dennedy outlines the concept of data friction.
Organizations across regions and sectors are rapidly adopting the NIST cybersecurity framework, and Symantec has embraced it internally and for external clients. Symantec's Ken Durbin discusses the benefits.
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
The Facebook/Cambridge Analytica scandal is far from over. Attorney Steven Teppler, co-counsel on the first class action case filed in the matter, discusses the likely repercussions.
Thirty-four companies have signed on to the Microsoft-led Cybersecurity Tech Accord, which is aimed at protecting civilians from cybercriminal and state-sponsored attacks. The agreement crucially includes a pledge not to help governments with cyberattacks
What are the strengths and weaknesses of U.S. federal security strategy? Sean Frazier of Duo Security, provides an assessment and addresses why adaptation to the cloud is paramount.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.