While CCPA has drawn the biggest headlines when it comes to new U.S. privacy laws, businesses and consumers should also take notice of New York's SHIELD Act, which goes into effect in March 2020. The law is expected to have impact on Wall Street firms and other financial institutions headquartered in the state.
Seattle-based smart home device maker Wyze says an error by a developer exposed a database to the internet over a three-week period earlier this month. The data included customer emails, nicknames of online cameras, WiFi SSIDs, device information and Alexa tokens.
Wanted: A new chief executive to assume command of Britain's growing National Cyber Security Center, part of GCHQ. As Ciaran Martin departs, the successful NCSC model he helped create is being widely emulated in many countries. But the U.S. remains a notable holdout.
Democrats and Republicans introduced a number of proposed bills in 2019 designed to create a federal privacy law. But will Congress be able to reach a compromise in 2020?
Warning: Attackers wielding LockerGoga and MegaCortex ransomware have been hitting large corporate networks, sometimes first lingering for months. That's according to a new FBI flash alert, as reported by Bleeping Computer, which essentially tells would-be victims: Please, get your defenses in order now.
Researchers at Positive Technologies say they discovered a vulnerability in enterprise software offerings from Citrix that potentially could put 80,000 companies in 158 countries at risk of a cyberattack.
It's important to look into the inherent risks of engaging with vendors before getting into assessing individual companies, says Devender Kumar, CISO at TMF Group, who discusses how to handle risks arising from third parties.
Because vendors were implicated in many of the largest health data breaches in 2019, it's more critical than ever for healthcare organizations to manage the security risks posed by their suppliers, says Erik Decker, CISO and chief privacy officer at the University of Chicago Medicine.
Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens. The government bans rival offerings.
MasterCard will acquire security startup RiskRecon for an undisclosed sum, the two companies announced Monday. The deal will allow MasterCard to offer third-party risk assessment to its business customers and consumers.
Future trustworthy and secure cyber systems need to be able to operate even in a degraded state. Ron Ross of NIST details the components of a new publication on cyber resiliency.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
What are the key experiences, capacities and skills needed by the next generation of cybersecurity leaders, as they prepare to address enterprise business risk in the next decade? Ex-CISO and current advisor Christopher Hetner shares his vision of the future of cyber leadership.
As the year wraps up, regulators and legislators have been busy tying up some "loose ends" related to health data security and privacy before the start of 2020. Here are some developments you might have missed
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.