Should Europe's "right to be forgotten" apply worldwide? That's the focus of a case before the EU's highest court, which has pitted proponents - including Austria and France - against Google, Microsoft and the European Commission, who argue that the EU law provision should only apply in Europe.
CISOs and CIOs must ensure their organizations plan for worst-case scenarios, conducting frequent "dry runs" of disaster recovery plans, says Tonguc Yaman, CIO of SOMOS, a New York Community Care Network, who formerly served as deputy CIO of Bellevue Hospital.
A newly released report from the U.S. Government Accountability Office on the massive 2017 Equifax data breach provides a postmortem look at what went wrong, centering on the credit bureau's identification, detection, segmentation and data governance, as well as a failure to rate-limit database requests.
Russian national Andrei Tyurin, who's been accused of hacking into JPMorgan Chase's network in 2014 and stealing personal information on more than 83 million customers, has been extradited to the U.S. He was allegedly part of a group that hacked into brokerages, news firms, a risk intelligence company and others.
British Airways has been threatened with a class-action lawsuit in U.K. court after warning that a hacker stole payment card data associated with 380,000 transactions. A law firm says that under GDPR, the airline should compensate victims for "inconvenience, distress and misuse of their private information."
Security technology innovations entering the market are getting attached as features to an infrastructure that is fundamentally broken and an enforcement model that cannot operate in real time, says Matthew Moynahan, CEO at Forcepoint.
U.S. prosecutors have accused a 34-year-old North Korean man of involvement in some of the most destructive and profitable cyberattacks ever seen, including the WannaCry ransomware outbreak, the Sony Pictures Entertainment breach and the theft of $81 million from Bangladesh Bank.
British Airways is warning customers that it suffered a hack attack that compromised up to 380,000 customers' payment cards as well as personal data over a 15-day period. The airline says it was alerted to the breach by a business partner that monitors its websites.
To transparently identify legitimate users in digital channels, organizations need strong digital identity risk assessment capabilities that examine each user's digital patterns and can more accurately detect potential bad actors, says IBM's Matt Konwiser.
All organizations should ensure that they are using the most appropriate tools, technologies, practices and procedures to safeguard their information against today's top threats, says Check Point's Avi Rembaum.
The latest edition of the ISMG Security Report features Barbara Simons, co-author of the book "Broken Ballots," discussing why she believes it's a "national disgrace" that some states are relying on computer voting with no provision for recounts. Also: Update on breach lawsuit against Premera Blue Cross.
Canada, which has a head start on the adoption of digital payments, has learned some valuable security lessons that could be beneficial to the U.S., says Gord Jamieson of Visa. He'll be a featured speaker at ISMG's Fraud & Breach Prevention Summit: Toronto, to be held Sept. 11-12.
Unknown attackers are intercepting every piece of data handled by more than 7,500 routers made by MikroTik, while also using another 239,000 compromised routers to serve as proxies, researchers say. It's a continuation of a wave of attacks that exploit a vulnerability patched by MikroTik in April.
A recent incident involving a chronic care management company spotlights how paying a ransom to recover decryption keys from ransomware attackers can put sensitive data at additional risk. Security experts offer insights on how to prepare for the many challenges posed by attacks.
Plaintiffs in a class action suit against Premera Blue Cross allege the company willfully destroyed a computer that may have shown that attackers actually removed data from its systems during a 2014 intrusion. Premera contends the computer, dubbed A23567-D, was "unintentionally" tagged end of life and destroyed.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.