Tag Archives for "cybersecurity"

Silicon Valley – Not Governments – Will Kill Encryption

It is Silicon Valley that will roll back the protections of encryption, not for the needs of governments to combat terrorists and criminals, but for their own profit-minded needs to continue mining, monetizing and manipulating their users.

The growing popularity of end-to-end encryption threatens to upend this uneasy truce between digital security and the ability of web companies to mine our personal data.

Full article: Silicon Valley – Not Governments – Will Kill Encryption

DLA Piper and its insurers clash over multi-million NotPetya payout

Multinational law firm DLA Piper was hit in the crossfire as Russia-backed ransomware spread, and Hiscox is reportedly declining to pay up citing an “act of war”.

DLA Piper has started proceedings against Hiscox, saying that the insurance firm has failed to pay out for the damages and costs associated with the NotPetya attack – a claim which may amount to several million pounds.

Source: DLA Piper and its insurers clash over multi-million NotPetya payout

61% of CIOs say employees are maliciously leaking data

A study of the root causes of insider breaches has found that 61% of IT leaders believe that employees have maliciously risked data in the last 12 months.

However, the research, which involved input from more than 250 US and UK IT leaders and 2,000 US and UK-based employees, found that employees had a very different view of the situation.

92% of employees said they had not accidentally leaked company data, while 91% said they had not done so intentionally. This suggests that employees may be unaware of being the perpetrators of insider breaches.

Source: Insider breaches: 61% of CIOs say employees are maliciously leaking data

A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments

Sophisticated surveillance, once the domain of world powers, is increasingly available on the private market. Smaller countries are seizing on the tools — sometimes for darker purposes.

NSO, a private company based in Herzliya, Israel, has hired former government hackers to ply their trades for foreign governments.

Full article: A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments – The New York Times

Personal health information has a value on the black market

Thieves collect personal data such as home addresses and contact information, but also details of physical or mental conditions and prescribed medications. Individuals can be threatened with public exposure of their data, especially those in high-profile positions, and future health benefit claims or even border crossings could be affected.

Compromised personal health data has a much greater and lasting impact. When a credit card is stolen, card numbers are changed and charges in question are typically reimbursed. Conversely, your health record stays with you for life, leaving you more vulnerable to future problems.

Full article: Michael Green: Personal health information has a value on the black market | Vancouver Sun

Think about privacy the next time you ask Alexa the weather

More and more people are starting to think twice before asking Alexa for the daily forecast. According to a recent PwC survey, 38 percent of participants chose not to purchase a smart device because they “don’t want something listening in on [their lives] all the time.” Additionally, 28 percent of respondents are “concerned about privacy issues with [their] data/security.”

Full article: Think about privacy the next time you ask Alexa the weather

Businesses are spending on cybersecurity, but failing to implement basic practices

Cybersecurity spending has increased, but research shows that organisations are still vulnerable to the most basic of cyber threats.

Just 36% of UK IT leaders are confident that their company’s current IT systems provide adequate protection against cyberattacks.

Full article: Businesses are spending on cybersecurity, but failing to implement basic cybersecurity practices | Verdict

Cybersecurity certification schemes backed by MEPs

Businesses could in future be forced to ensure their products, services or processes meet specified cybersecurity standards under proposed new EU rules that have been formally approved by the European Parliament.

According to the proposed new rules, cybersecurity standards could be mandated for certain ICT products, services and processes before the end of 2023.

Source: Cybersecurity certification schemes backed by MEPs

European Parliament Approves EU Cybersecurity Act

Following a political agreement at the end of 2018, earlier this week the European Parliament approved a new cybersecurity regulation known as the EU “Cybersecurity Act”.

This forms part of the EU’s Cyber Package, first announced in September 2017 (which we blogged about here). In addition to reinforcing the mandate of ENISA — now to be known as the EU Agency for Cybersecurity — the new regulation establishes an EU cybersecurity certification framework.

Source: European Parliament Approves EU Cybersecurity Act

The cyber insurance battle begins

Cyber insurance is no longer a novelty. Experts say that executives no longer have to justify the expense. In fact, if they don’t have it, they may well have some explaining to do.

Insurance companies have reciprocated by nurturing the market. That has included playing nice when clients file claims. Carriers have paid with few complaints. There have been no big public altercations. Until now. A battle line has emerged.

Full article: Insurance War
