Breached businesses in Europe: Brace for more class action lawsuits seeking material and non-material damages filed by victims following mandatory data breach notifications under GDPR, says attorney Jonathan Armstrong. He predicts more breach-related suits will succeed in Europe than in the United States.
Security ratings are increasingly popular as a means of selecting cybersecurity vendors. But Ryan Davis at CA Veracode also uses BitSight's ratings as a means of benchmarking his own organization for internal and external uses.
Many of the computer devices to be used for electronic voting in November's midterm elections have unpatched older operating systems that make them vulnerable, says Darien Kindlund, a data scientist at the cybersecurity firm Insight Engines, which advises governments and others.
Scan4You, a notorious cornerstone of the cybercrime-as-a-service economy that allowed malware developers to more easily create code to bypass anti-virus defenses, has been dismantled, and its Latvian technical administrator has been slammed with a 14-year U.S. prison sentence.
In Australia, it can take as few as 15 minutes to steal someone's phone number, a type of attack known as SIM hijacking. Such attacks are rising, but mobile operators have no plans to change the authentication required around number porting, which can be set in motion online with minimal personal information.
IoT devices are increasingly becoming a way to pay for goods and services, shifting the "internet of things" to the "internet of transactions." Gord Jamieson of Visa Canada discusses steps the card network is taking to ensure these payments are secure.
A HIPAA-related enforcement case in Massachusetts involving two insider breaches alleges a trail of missteps, including failure to take prompt action after receiving tips about potential misuse of patient information. What can other entities learn from the mistakes?
Twitter has fixed a bug that sometimes sent a user's direct messages not only to the specified recipient, but also to unrelated external developers. The social networking service is notifying more than 3 million affected users and has requested that unintended recipients delete the messages.
Email fraud threats have evolved from attackers targeting networks to them focusing on specific individuals within an organization. What can enterprises do to halt these attacks before they reach the inbox? Denis Ryan of Proofpoint shares defensive tactics.
Kenrick Bagnall, a former IT executive who is now a detective constable with the Toronto Police, offers unique insights on public/private partnerships and how enterprises can work better with investigators in the event of a breach.
With the abundance of PII available on the dark web, there has been an explosion of synthetic identity fraud. Michael Lynch of InAuth discusses how device and user data can be leveraged to combat the fraudulent opening of new accounts.
The internet of things promises to change how enterprises operate - as well as the cybersecurity risks they will face. Robert Falzon of Check Point Software Technologies outlines IoT risks and how to prepare to mitigate them.