In an in-depth interview, privacy expert Caitlin Fennessy sorts through modified draft regulations to carry out the California Consumer Privacy Act that are designed to help businesses take a more pragmatic approach to privacy.
While the cybersecurity industry has increasingly focused on the roles artificial intelligence and machine learning can play in thwarting attacks, the humans behind the algorithms remain both points of strength and weakness, says RSA President Rohit Ghai, who keynoted the RSA 2020 conference on Tuesday.
Granicus, one of the largest IT service providers for U.S. federal and local government agencies, acknowledges that it left a massive Elasticsearch database exposed to the internet for at least five months, but it says the risks involved were low.
New Mexico is suing Google, alleging the company violates a federal child privacy law by collecting the personal data of students younger than age 13 without their parents' consent. Google rejects the lawsuit's claims, saying they are "factually incorrect."
Implementing the concept of "privacy design" requires a series of critical steps, says Heikki Tolvanen, chief legal engineer at PrivacyAnt, a Finland-based privacy consulting firm, who offers insights on mistakes to avoid.
A U.S. Defense Department agency that's responsible for providing secure communications and IT equipment for the president and other top government officials says a data breach of one of its systems may have exposed personal data, including Social Security numbers.
The U.S. Census Bureau has not done enough to address cybersecurity issues in preparation for the 2020 census, which is slated to begin in April, according to a new report from the Government Accountability Office.
Amazon's Ring is mandating the use of two-factor authentication for all users, a move designed to help stop creepy takeovers of the web-connected home security cameras. A passcode will be sent to a user's email address or by SMS.
Are you attending the RSA 2020 conference? To help navigate the show, here's a preview of 12 top keynote sessions featuring some of the biggest names in cybersecurity tackling critical subjects, including cryptography, critical infrastructure security, bug bounties and supply chain risks.
Hacked-off patients are suing New Jersey healthcare organization Hackensack Meridian Health for damages after it suffered a ransomware attack last December and paid attackers an unspecified ransom to unlock its systems.
A federal watchdog agency will announce the expansion nationwide of an investigation into inappropriate access and use of Medicare beneficiaries' sensitive information for potential fraud and other unscrupulous activities.
Any lonely hearts in Europe hoping to meet the person of their dreams via Facebook's dating service on Valentine's Day this year will have to wait a little longer. The social network has delayed the EU rollout of its dating service, following a Monday "dawn raid" by Irish privacy investigators.
As organizations settle into the third year of enforcement of the EU's General Data Protection Regulation, some are struggling to define and understand the role of a data protection officer as required under the regulation - including whether the CISO should take on the extra role of DPO.