As the European Union's General Data Protection Regulation enforcement date approaches, organizations are working to address challenges, including changing the broadly accepted definition of what constitutes personally identifiable information, says Rashmi Knowles of RSA.
A former Massachusetts gynecologist has been convicted in a rare case involving a criminal HIPAA violation. The case was tied to providing a pharmaceutical salesperson access to patients' medical records.
Cybersecurity and fraud prevention functions need to start working more closely together to share and leverage cross-functional knowledge that can help improve security, says Michael Thelander of iovation.
The Ashley Madison breach of 2015 quickly became one the most famous of the high-profile hacks. Three years later, CISO Matthew Maglieri discusses the breach recovery and what he refers to as "cybersecurity in a world of discretion."
Security still remains an afterthought when many organizations are adding new technologies to provide a differentiated customer experience, says Anna Convery of Radware, who recommends a change in approach.
Twitter has apologized after it discovered that it had been inadvertently storing users' passwords in plaintext in an internal log, potentially putting them at risk. Twitter has blamed a bug for the fault and recommends all users change their passwords immediately.
As attackers get increasingly sophisticated in reverse-engineering applications, it is imperative that enterprises secure trusted applications that are reaching back into the datacenter from beyond the perimeter, says Rusty Carter of Arxan Technologies.
Over 55 percent of people will reuse passwords despite acknowledging the risks, says Amber Steel of LastPass. In the enterprise context, this bad behavior needs to be addressed without burdening employees with policies which could impact productivity, she says.