Tag Archives for " cybersecurity "

Is your company part of the GDPR ‘mobile loophole’?

Europe is leading the way in privacy protection with General Data Protection Regulations (GDPR). But most companies are not focused on what it means for their mobile workers. Personal mobile devices, which often contain corporate data from being connected/synced to back office systems, and including data about individuals, are subject to the same regulations and restrictions of GDPR as larger systems (e.g., PCs and servers).

Source: Is your company part of the GDPR ‘mobile loophole’? | Computerworld

Small businesses vulnerable to cyberattacks but don’t act

Small businesses suffered a barrage of computer invasions last year but most took no action to shore up their security afterward, according to a survey by insurer Hiscox. It found that 47 percent of small businesses reported that they had one attack in 2017, and 44 percent said they had two to four attacks.

Source: Get started: Small businesses vulnerable to cyberattacks, then don’t act

Implementing appropriate security under the GDPR

Security of processing is a foundational principle of the GDPR. Under Article 5(1)(f), personal data shall be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).”

Read full article: Implementing appropriate security under the GDPR

Apple to Close iPhone Security Hole That Law Enforcement Uses to Crack Devices

Apple is closing a technological loophole that let authorities hack into locked iPhones, infuriating law enforcement officials and reigniting a debate over security versus privacy.

Source: Apple to Close iPhone Security Hole That Law Enforcement Uses to Crack Devices – The New York Times

Alexa and other smart speakers may endanger privacy rights

Legal experts say internet-connected smart speakers are the latest example of how technology and devices endear themselves to consumers before they realize the downsides.

The devices are supposed to begin recording the conversation only in response to “wake words” — like “Alexa” (for the Echo), “OK Google” (for the Google Home) and “Hey Siri” (for Apple’s HomePod). But they may be able to hear background conversations while activated.

Source: Alexa and other smart speakers may endanger privacy rights – SFChronicle.com

Protecting Customers’ Privacy Requires More than Anonymizing Their Data

The promised benefits of data-driven marketing are at grave risk unless businesses can do a better job of protecting against unwanted data disclosures. The current approach of controlling access to the data or removing personally identifiable information does not control the risk of disclosure adequately.

Other approaches, such as aggregation, lead to severe degradation of information. It’s time for businesses to consider using statistical approaches to convert the original data to synthetic data so they remain valuable for data-driven marketing, yet adequately protected.

Source: Protecting Customers’ Privacy Requires More than Anonymizing Their Data

UK’s police warns tech companies on use of encryption

The encryption technology that keeps smartphone users’ private messages safe could be regulated by the government because it is sometimes used by terrorists, the senior inspector overseeing the UK’s police forces has claimed.

Firms responsible for instant messaging apps are “making life easier for terrorists, paedophiles and organised criminals” while frustrating law enforcement by locking out the police, HM Chief Inspector of Constabulary said.

Source: Tech companies are bringing regulation on themselves by using encryption, warns UK’s top police watchdog | The Independent

White House says its federal agencies can’t keep track of their own data

Most federal agencies have no way of effectively detecting when data is stolen, found a new, 22-page report published by the White House Office of Management and Budget last week. 73 percent of federal agency programs simply can’t detect when large amounts of information leave their networks.

The report says there were more than 30,000 cyber attacks on the federal government in 2016 that resulted in lost information and compromised systems, but in 38 percent of those attacks (nearly 12,000 of the incidents), the government had no idea where the attacks came from or how they got into the systems.

Source: White House says its federal agencies can’t keep track of their own data

Why a DNA data breach is much worse than a credit card leak

Why would hackers want DNA information specifically? And what are the implications of a big DNA breach? One simple reason is that hackers might want to sell DNA data back for ransom. Or hackers could threaten to revoke access or post the sensitive information online if not given money.  But there are reasons genetic data specifically could be lucrative.

“This data could be sold on the down-low or monetized to insurance companies. You can imagine the consequences: One day, I might apply for a long-term loan and get rejected because deep in the corporate system, there is data that I am very likely to get Alzheimer’s and die before I would repay the loan.”

Source: Why a DNA data breach is much worse than a credit card leak – The Verge

1 2 3 63
>