Latest

Breach Notification

Timehop Reveals Additional Data Compromised by Hacker

Jeremy Kirk  •  July 16, 2018

Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.

Authentication

Australian Airport Identity Card Issuer Breached

Jeremy Kirk  •  July 13, 2018

An Australian company that issues identity cards for access to airports has been notifying applicants and cardholders that their personal information may have been compromised, according to a news report. Australian federal police are investigating.

Breach Response

Analysis: California's Groundbreaking Privacy Law

Nick Holland  •  July 13, 2018

The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.

►

Cybercrime

Evolving Cyberattacks Against Banks

Nick Holland  •  July 11, 2018

A new kind of cyberattack that targeted financial institutions in Europe and Russia to steal nearly $100 million illustrates how threats are evolving, says Brian Hussey of Trustwave, who discusses mitigation steps.

►

Fraud

A Successful Strategy for Fighting Phishing

Nick Holland  •  July 11, 2018

The key to lowering the risk of employees becoming victims of phishing is to adopt an "adult learning" approach to training, says Brent Maher, CISO at Johnson Financial Group.

►

Fraud Management & Cybercrime

The Battle for Data Integrity

Tom Field  •  July 10, 2018

Stolen data is one thing - the consequences are obvious. But what if data is not stolen or leaked, but rather altered? What could be the damage? Diana Kelley of Microsoft discusses the emerging topic of data integrity and how to preserve it.

Governance

Bringing Vendor Risk Management to the Midmarket

Nick Holland  •  July 9, 2018

A new initiative by the Cyber Readiness Institute aims to promote best cybersecurity and vendor risk management practices to smaller enterprises. RiskRecon founder and CEO Kelly White offers his perspective on converting standards to practices.

Legislation

Why California's New Privacy Law Is a 'Whole New Ballgame'

Marianne Kolbasuk McGee  •  July 9, 2018

While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why.

Breach Response

UK to Establish Court for Cybercrime in London

Jeremy Kirk  •  July 6, 2018

The U.K. has approved a plan to build a cutting-edge court complex in London designed to handle cybercrime, fraud and economic crime. The facility is expected to be a growth driver for the country's legal industry, despite the U.K.'s pending withdrawal from the European Union.

Data Breach

Cryptocurrency's Skyrocketing Money Laundering Problem

Nick Holland  •  July 6, 2018

Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.

►

Breach Preparedness

Why Attackers Keep Winning at 'Patch or Perish'

Mathew J. Schwartz  •  July 5, 2018

Patch management problem: Organizations must identify and fix all new vulnerabilities in their software and hardware as quickly as possible. Unfortunately, on average, attackers keep exploiting flaws faster than they're being patched, says Tenable's Gavin Millard.

►

Data Loss

Data Classification for the Masses

Mathew J. Schwartz  •  July 5, 2018

In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.