One key step for preparing to comply with the California Consumer Privacy Act, which goes into effect in January, is determining how best to verify the identity of users, say two leaders of the Sovrin Foundation, who discuss the key issues.
The White House has developed protocols for notifying the public of nation-state hacking or other interference during the 2020 presidential election cycle. But the full framework has not yet been released.
Senator Mark Warner, D-Va., is scrutinizing the Department of Health and Human Services' Office for Civil Rights' response to the recent discovery by German researchers of millions of patients' medical image files being exposed on the internet - including by a U.S. company.
Now that security researchers have located the first exploits that take advantage of the BlueKeep vulnerability in Windows, Microsoft is warning users to apply patches the company issued for this flaw before more dangerous exploits merge.
Democratic members of the House Energy and Commerce Committee have sent a letter to the Federal Communications Commission demanding that it do more to enforce the Communications Act following a report about wireless carriers giving phone data to third parties.
A new defense company has been formed in United Arab Emirates, combining three government-owned and 22 independent companies in an effort to develop technologies to help thwart cyberattacks and repel military drones.
The EU's General Data Protection Regulation rewrote the rules of the data privacy and breach notification game when it went into full effect last year. Now, however, numerous organizations are revisiting and refining their GDPR compliance efforts around preparation and remediation, says PwC's Polly Ralph.
Too many organizations are still failing to prioritize mitigating the risk posed by insiders, whether they're malicious actors or model employees who make mistakes that unintentionally lead to a data breach, says Veriato's Chris Gilkes.
Data privacy discussions must focus not just on collecting, storing and securing data, but also the impetus for doing so - and whether it is being done in an ethical manner, says consultant Thom Lagford, a former CISO, who addresses GDPR compliance issues.
Too many organizations continue to use digital assets and infrastructure even when they can see that they have information security problems and deficiencies that they're failing to fix, says cybersecurity expert John Walker.
Bala Kumar of iovation, a TransUnion company, sees a marked spike in identity fraud in general, and at account origination in particular. How does this increase manifest across industry sectors, and how should organizations re-think their defenses?
In June, I wrote an in-depth story about how millions of Instagram users worldwide under 18 years old were exposing their email addresses, phone numbers or both. Instagram has finally made a change to address the issue - but it doesn't go far enough.