January 28 of every year is Data Privacy Day, where companies around the globe gear up for educating their employees on the importance of privacy and security. Jodie Daniels, Founder of Red Clover Advisors, suggests that we consider extending the knowledge and importance generated on this day into the other 364 days of the year.
When is the last time your company truly thought about the security of your network, devices and data? If this answer isn’t “yesterday” or “today,” then your agency, and the client data it is entrusted with, might be at risk. Dror Liwer, CISO of Coronet, outlines what agencies can do to get serious about cybersecurity.
Randy Bagwell interviews Ian Corey and Doug DePeppe of eosedge Legal about their view of 2019 as a “tipping point,” based on Malcolm Gladwell’s ideas in The Tipping Point: How Little Things Can Make a Big Difference, for behavioral change and enforcement of data protection duties based upon events and laws that emerged in 2018.
It is impossible for privacy professionals using manual, survey-based approaches to stay on top of an environment of ever-changing data and these days, the CTO is increasingly being tasked with operationalizing their companies’ data privacy solution. Kristina Bergman, CEO and co-founder of Integris Software, outlines four recommendations for CTOs when it comes to Data Privacy Automation.
Too often, companies' security strategies revolve around minimizing reputational damage and achieving compliance. Javvad Malik, an award-winning information security consultant and security advocate at AlienVault, suggests that businesses need to take a more granular approach to focus on protecting employee and customer data instead.
With the GDPR now in effect, businesses across Europe are adjusting to a new regulatory environment. David McLeod of activpayroll examines the GDPR's impact on the payroll landscape, and how employers might boost their compliance performance.
If signed by Governor Brown on September 30th, California’s "SB-327 Information privacy: connected devices” bill – the first to establish regulation around IoT – will require connected devices sold or offered for sale in California to have “reasonable security features appropriate to the nature of the device”. Although the bill is a good start, Aaron Guzman, Head of Automotive & IoT at Aon, outlines what an even better approach might be.
The recent cyberattack on the MyHeritage DNA and genealogy testing company compromised about 92 million user accounts. CipherCloud's Pravin Kothari discusses the rise in consumer DNA testing, the risks of this data being used for exploitation or harm, and the protection that consumers should demand of their most valuable personal information.
With the GDPR having begun its reign as the most comprehensive digital privacy legislation that the world has ever seen, we’ve officially entered a new era of data privacy rights and regulations. But it’s also a compliance burden to many businesses. Here are the four biggest rewards that businesses can reap by complying with privacy regulations like the GDPR – even if they don’t need to.
With May 25 looming, preparing for compliance with the European Union (EU) General Data Protection Regulation (GDPR) is an unavoidable necessity for businesses – and an important act of social responsibility.
Organizations can benefit from handling more data and doing more with their existing data, even when obstacles stand in their way. Here are three challenges that hold companies back from using more data and three difficulties of doing more with that data.
With hackers using ransomware and other attack methods to compromise high-value privileged user credentials, organizations need to take a serious look at how they approach their cyber defense. Here’s where to start.
Even with new technologies abound, we’ve come to rely on passwords as our primary means of managing access to systems, applications and data. In reality, passwords are our first—and in most cases, only—line of defense when it comes to protecting against unauthorized access, misuse and theft.
Enterprise security teams have a namesake job to do – secure their organizations – but it does not have to come at the expense of their colleague’s privacy. How, then, do organizations balance the requirements and expectations of both sides and keep their data secure while ensuring that the company refrains from violating privacy laws?
ISSA-LA presents two women in security and technology panels. The first panel explores information security, IT and other technology-oriented positions as they relate to attracting, recruiting, and maintaining diverse talent. And the second panel focuses on a different kind of inclusion: security versus privacy in the cybersecurity space.
Source documents sent for translation often contain sensitive information, and data corruption in the language industry can be extremely damaging for companies. Making sure your language provider has established a strong information security management system is imperative.
The new Facebook Messenger "live location" feature comes in handy when coordinating plans with friends, as it lets users share their real-time location on a map within a private/group message. But what kind of security vulnerabilities are consumers voluntarily opening themselves up to?
Technology entrepreneur Vishal Gupta explains how living by the principles of empathizing with the individuals whose data his firm is charged with protecting frames the way he approaches his InfoSec Life.
The relatively new field of privacy is a striking example of a profession that gets gender equity right. Will this equality last or will the industry slowly laud more men as leaders like the InfoSec space?
The 8th Annual ISSA Los Angeles Information Security Summit was back at the Universal City Hilton again this year, drawing well over 700 registrants from all over Southern California, Arizona and Nevada. This post covers some of the highlights captured from this year's event.
We made our way to the Moscone Center for the final day of sessions on a fresh San Francisco Friday morning. NIST’s (National Institute of Standard Technology) Framework for Managing Privacy Risk was the topic the panel was asked to dissect and discuss.