Implementing the concept of "privacy design" requires a series of critical steps, says Heikki Tolvanen, chief legal engineer at PrivacyAnt, a Finland-based privacy consulting firm, who offers insights on mistakes to avoid.
It's time for a new approach to application security
While applications have moved to-cloud and users are accessing them from everywhere, the way enterprises provide secure access to apps has largely remained unchanged. Teams in the midst of a cloud transformation must ensure that their applications remain secure no...
Ready for Office 365? Already deployed but running into problems? Either way, there are some secrets to deployment that can put you on the road to success. Even though these tips have been discussed-even by Microsoft-many companies discover deployment problems the hard way.
Download this document learn some of the...
The U.S. Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure.
MIT security researchers have published a paper that describes several security flaws in Voatz, a smartphone app used for limited online voting during the 2018 midterm elections. But the maker of the app contends the research is flawed.
The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure.
Israel's voter registration database - comprising close to 6.5 million people - was exposed to the internet because of an elementary coding flaw in an election application. It's unclear how long the exposure lasted or if bad actors accessed the data.
The latest edition of the ISMG Security Report offers an analysis of the missteps that led to problems with the app used in this week's Democratic presidential caucuses in Iowa. Also featured: growing privacy concerns about facial recognition and business continuity tips for dealing with the coronavirus.
A review of the mobile app that malfunctioned during Iowa's critical tally of the Democratic Party's caucus has uncovered a security vulnerability, ProPublica reports. Security firm Veracode says the app insecurely sends data, but it did not provide more details.
Conferencing service provider Zoom has fixed a vulnerability that - under certain conditions - could have allowed an uninvited third party to guess a meeting ID and join a conference call. The exploitation of the flaw revolves around guessing IDs for meetings that aren't password-protected.
Dave DeWalt, former CEO of FireEye and McAfee, has been appointed vice chair of the board of Onapsis, a vendor focused on securing business-critical applications. In this exclusive interview, DeWalt opens up on application vulnerabilities, the evolution of the nation-state threat and technologies to watch in 2020.
Microsoft accidentally internet-exposed for three weeks 250 million customer support records stored in five misconfigured Elasticsearch databases. While the company rapidly locked them down after being alerted, it's an embarrassing gaff for the technology giant, which has pledged to do better.
99.7% of web apps have at least one vulnerability. Yet, most security professionals admit their app security strategies are immature.
Download "5 Best Practices for Web Application Security: A How-To Guide" to learn:
Where you should focus to better protect apps against cybersecurity threats
Why automation is key...
The speed and complexity of software development is rapidly increasing. Development teams have little to no time to ensure these applications are secure, even while the biggest and most severe data breaches that have affected both the public and private sectors all operate at the application layer.