Leading the latest edition of the ISMG Security Report: Reports on the impact enforcement of the EU's General Data Protection Regulation, which began Friday, will have on the healthcare and banking sectors. Plus an assessment of GDPR compliance issues in Australia, which offer lessons to others worldwide.
Security leaders have been addressing the global skills gap for better than a decade now, with little to show for it. But Joe Cosmano of iboss recommends a new approach, leveraging software-as-a-service to make up for the staffing shortfall.
To judge by the flood of GDPR-themed email hitting inboxes, Europe's privacy law has been designed to ensure that you say "yes" to companies that monetize the buying and selling of your personal details, regardless of whether you remember ever having done business with them before.
A swift FBI sinkhole blunted an apparently imminent attack against Ukraine via "VPN Filter" malware, which has infected more than 500,000 routers. But mass router compromises will continue so long as manufacturers fail to build in easy or automated patching and updating, security experts warn.
At least 500,000 routers, mostly located in Ukraine, have been infected with "VPN Filter" malware that experts believe is a prelude to a massive cyberattack. But the FBI has sinkholed the control domain for the router botnet, which should help contain the potential damage.
The whole way we look at identity across the extended enterprise is in the midst of change, says Naresh Persaud of CA Technologies. What is dynamic authentication, and how does it herald the future of digital identity?
The American Civil Liberties Union has launched a broadside against Amazon, warning that Amazon Rekognition - mixing big data, machine learning and facial recognition - could be abused by authoritarian regimes. Amazon has countered by saying that all users must "comply with the law."
Following 33 arrests, police in Europe say they have dismantled a Romanian-led crime gang that used phishing attacks, online scams and fake invoices to steal more than $9 million from victims in Spain, including individuals as well as organizations ranging from hospitals to government agencies.
Universities throughout Florida are adding more cybersecurity courses in an effort to better train the next generation of practitioners, says Ernie Ferraresso of the Florida Center for Cybersecurity, which recently provided a second round of funding for the effort.
European Parliamentarians finally had their opportunity on Tuesday to ask Facebook CEO Mark Zuckerberg questions about its data handling and privacy practices. But the session, which lasted roughly 90 minutes, turned into a somewhat frustrating flop.
Will federal regulators finally tackle long overdue rulemaking related to a HITECH Act provision calling for the Department of Health and Human Services to share money collected from HIPAA settlements and penalties with breach victims?
Researchers have discovered two new Spectre/Meltdown variants: variant 3a, a rogue system register read, and variant 4, a speculative store bypass. Some AMD, ARM, Intel and IBM Power chips have the flaws, which attackers could exploit to steal sensitive data. Some fixes have already been shipped.
With enforcement of the EU's GDPR set to begin on May 25, Australian organizations vary in readiness. Steve Ingram of PwC says it's not too late for companies to prepare for GDPR, but it will be too late to ask regulators for forgiveness if something goes wrong.