U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
Boston Children's Hospital is pioneering the use of Amazon's Alexa voice assist technology in the healthcare sector. John Brownstein, the hospital's chief innovation officer, discusses the security measures involved.
In the past, the relationship between cybersecurity and privacy has been uneasy and even ill-defined. But today, in the post-GDPR era, the relationship is clear, and so is the legal and compliance path forward, says David Ruiz of Malwarebytes.
The University of Texas MD Anderson Cancer Center has filed a lawsuit arguing that a $4.3 million HIPAA penalty levied against it last year by the Department of Health and Human Services following three data breaches was unlawful. What are the main arguments?
The Department of Health and Human Services has yet to take certain critical actions to help enhance cybersecurity, according to a new GAO report that lists hundreds of recommendations for improving operations that have not been implemented.
Dark patterns are out to get you. The term describes the practice of abusing usability norms to create user interfaces that trick users into divulging their personal details or sacrificing their privacy. Bipartisan legislation proposed in the U.S. Senate, however, would make malicious design illegal.
The lack of a strong security culture at Equifax - especially compared to its two main competitors - was a key factor contributing to its 2017 data breach that exposed the personal records of 145 million Americans, according to a 71-page Congressional report.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
Britain's intelligence establishment warns that Chinese networking giant Huawei's "software engineering and cybersecurity processes" continue to be beset by unresolved "defects" and that improvements promised by the manufacturer have yet to be seen.
Brad Smith, Microsoft's chief legal officer, says Australia's encryption-busting law is causing companies and governments to look elsewhere to store their data. Microsoft hasn't changed it own local operations yet, but other companies say they're no longer comfortable storing data there, he says.
Victims of hurricanes, wildfires and other disasters now face a second hit: The U.S. Federal Emergency Management Agency inadvertently shared 2.3 million disaster survivors' personal data of with an agency contractor, leaving victims at increased risk from fraud and identity theft.
Karl Racine, the attorney general for Washington, D.C., is looking to strengthen the District's data breach laws, specifically by offering greater protection for consumers and holding businesses accountable when they are breached or lose data.
Overall, Password Strength Scores follow the trends for Security
Scores: As companies get bigger, on average their Password
Strength Score goes down.
For businesses with fewer than 25 employees, the average total
Password Strength Score is 53. At more than 10,000 employees,
the average score drops to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.