New EU Privacy Law May Weaken Security

Companies around the globe are scrambling to comply with new European privacy regulations that take effect a little more than three months from now. But many security experts are worried that the changes being ushered in by the rush to adhere to the law may make it more difficult to track down cybercriminals and less likely that organizations will be willing to share data about new online threats. On May 25, 2018, the General Data Protection Regulation (GDPR) takes effect. The law, enacted by the European Parliament, requires technology companies to get affirmative consent for any information they collect on people within the European Union. Organizations that violate the GDPR could face fines of up to four percent of global annual revenues.
Read more

Why Data Loss Prevention (DLP) Must Evolve for Modern Applications

The Economist effectively argues that “Data is the new Oil”. Most companies collect data that is important to their very survival and key to their competitive advantage. Losing this data has wide-ranging implications ranging from losing trust with customers, financial impact to the company, severe penalties by regulatory bodies, and losing competitive edge. Yet the technology solutions available are reactive and built for the pre-cloud era.Figure 1: A Modern EnterpriseThe above diagram illustrates the problem. A typical cloud application attracts thousands (maybe millions) of users, or connects to thousands (maybe millions) of IOT devices. Such an application may collect many different types of sensitive data, such as credit card numbers, social security numbers, blood pressure stats, heart rates, email addresses, passwords, account numbers, and more. The application likely has many outputs — other microservices, databases, logs, third party APIs, etc. Any number of individuals may have access to this data, including employees, contractors, and users — often because they need access to do their job or interact with the service, but sometimes because the organization doesn’t know that the data these individuals are given access to is sensitive or private.Traditional “Solutions” Are Not the AnswerTraditional technologies for protecting sensitive data — namely Data Loss...
Read more

GDPR data mapping: How to tackle complex processes

As part of your EU General Data Protection Regulation (GDPR) compliance project, your organisation will need to understand what personal data it processes. You will likely choose data mapping as a way to meet these requirements. Key elements of data mapping A data flow map of a process should chart the entire journey of personal data as it is processed for the purposes specified. If the same data is processed for an additional set of purposes, this constitutes a different process and should be charted in a separate map. An effective data mapping process will establish: The data items obtained
Read more

Ransomware – A Reminder for Healthcare Providers to Lock Down Their Environments

Ransomware attacks against healthcare providers aren’t new. In 2017, two crypto-malware infections affecting medical organizations made The State of Security’s top list of ransomware attacks for the year. The first involved an unknown strain that targeted Arkansas Oral & Facial Surgery Center, an incident which affected X-ray images, documents, and patient data related to recent … Read More The post Ransomware – A Reminder for Healthcare Providers to Lock Down Their Environments appeared first on The State of Security.
Read more

An Analog to Security and Compliance: The Wonder Twins

Security and compliance are two sides of the same coin, although they are often seen as adversaries. The truth is, much like the 1980s power siblings, the Wonder Twins (whose powers only functioned when their fingers touched), they work hand-in-hand to shore up your information security better than any other combination. Compliance is Key Regulatory … Read More The post An Analog to Security and Compliance: The Wonder Twins appeared first on The State of Security.
Read more
Page 1 of 3312345...102030...Last »