Companies that want to continue doing business globally will need to take privacy much more seriously, especially in light of increasingly strict new laws, ranging from the California Consumer Privacy Act to the EU's GDPR, says privacy and security expert Michelle Robles.
The Srikrishna Committee's recommendation in its draft of a data protection bill that foreign companies be required to only store domestically certain "critical" data of Indians is impractical and will not help prevent breaches.
Leading the latest edition of the ISMG Security Report: An analysis of why it may be too late to secure the 2018 U.S. midterm elections. Also: A close look at the Anthem breach lawsuit settlement and a report on ransomware recovery lessons learned.
If India's proposed data protection bill is enacted into law, Indian organizations that must also comply with the EU's General Data Protection Regulation would have to focus, first and foremost, on compliance with India's new law, says Rahul Sharma, founder of The Perspective, which focuses on cyber policy.
With less than three months to go until the U.S. midterm elections, Alex Stamos, until recently Facebook's CSO, says there isn't time to properly safeguard this year's elections. But here's what he says can be done in time for 2020.
In an exclusive, in-depth analysis, a panel of experts says the proposed personal data protection and privacy bill, prepared by the Justice B. N. Srikrishna committee, has many gaps and some provisions that could prove challenging to implement.
U.K. health and beauty retailer Superdrug Stores is warning customers that attackers may have compromised some of their personal information, apparently because they'd reused their credentials on other sites that were hacked. While Superdrug quickly notified victims, it stumbled in three notable ways.
Cybercrime is a business and, like any business, it's driven by profit. But how can organizations make credential theft less profitable at every stage of the criminal value chain, and, in doing so, lower their risk?
It's déjà vu "FBI vs. Apple" all over again, as Reuters reports that the Justice Department is seeking to compel Facebook to build a backdoor into its Messenger app to help the FBI monitor an MS-13 suspect's voice communications.
An Australian teenager was such a fan of Apple that he hacked into the technology giant's mainframe, according to media reports. The teen has pleaded guilty to stealing 90 GB of sensitive information. But Apple says no customers' personally identifiable information was exposed.
U.S. President Donald Trump signed a presidential order on Wednesday that revokes a set of Obama-era guidelines for offensive cyber operations, The Wall Street Journal reports. The policy change may satisfy critics who contend the U.S. should be able to move faster, but it raises risks of escalating cyber conflict.
When taking steps to guard against fraudulent transactions through contactless payments, organizations must carefully balance the level of security versus customer convenience, says Sriram Natarajan, COO at Quatrro.
The STIX and TAXII standards for threat intel interchange have undergone a major upgrade to v2.0. LookingGlass CTO Allan Thomson, who's been closely involved in its development, describes the role of these enhanced standards.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.