With the California Consumer Privacy Act set to go into effect Jan. 1, 2020, companies are making last-minute compliance preparations. But these preparations are challenging because regulations to carry out the law are still pending and ambiguities remain. Here's a look at three issues.
Instead of proving a flash in the pan, enthusiasm for cryptocurrency has grown - and with it the associated fraud. Cyber criminals were quick to develop malware with the aim of stealing cryptocurrencies, with attackers finding ways to exploit the anonymity offered.
In June, I wrote an in-depth story about how millions of Instagram users worldwide under 18 years old were exposing their email addresses, phone numbers or both. Instagram has finally made a change to address the issue - but it doesn't go far enough.
What's the best way to spring your citizens from foreign jail if they've been detained on U.S. hacking charges? That's a question that continues to plague Russia, including in the ongoing case against Aleksey Burkov, who's been charged with being part of a $20 million payment fraud scheme.
Russian attack group Turla has been named and shamed for hijacking Iranian nation-state attackers' infrastructure. The aim of GCHQ and NSA's attribution is, in part, to make Turla's future cyber espionage efforts more costly and time-consuming.
What is the risk of having too many cybersecurity tools? Compromised visibility because of "tool sprawl," say Brian Murphy and Seth Goldhammer of ReliaQuest. Enterprises are now awakening to this challenge and attempting to overcome it.
Organizations are accepting that the network perimeter no longer serves as the "ultimate defense" and thus adapting zero-trust principles, including least privilege, based on the understanding that they may already have been compromised, says Darran Rolls of SailPoint.
Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.
Large or small, enterprises from all sectors are dealing with the same vulnerabilities in open source code. The difference: the scale of the problem. DJ Schleen of Sonatype discusses insights from the latest ISMG roundtable dinner.
As part of a multi-city tour, ISMG and Sonatype visited Atlanta recently for an engaging discussion on how to mitigate risks introduced by open source code. Here's a conversation with DevOps advocate Derek Weeks.