CaCPA to give consumers more control over their data

As long as there has been a lack of a singular national standard in the US for data privacy law, states have been individually filling the void with their own legislation.  California has been one of the leading states on cybersecurity policy, and their recent California Consumer Privacy Act (CaCPA), effective as of next January,… Read More

Evolving phishing schemes pose new risks to cybersecurity

Email is perhaps the single most crucial attack vector in cybersecurity today.  According to Verizon’s latest Data Breach Investigations Report, email is the channel used in 94% of attacks where hackers target executives for phishing schemes.  Phishing remains as culpable as ever in data breaches, and based on new insight from Carbon Black and Symantec,… Read More

DoorDash, Zynga, and EA Data Breaches

I hesitate to say this, because I know how influential we are and that their future IPO may take a hit, but I…don’t use DoorDash. *whisper whisper* What’s that?  ……McDonald’s partnership? Oh, ok then, they’ll be just fine. But for those who do use the food delivery service, there is now unfortunately another thing for… Read More

Best Practices for Data Security

Cybersecurity is a more important field today than ever before.  Let’s just get that established right away.  Threats to personal data abound from without and within: hackers who target and infiltrate networks, insiders and employees who, intentionally or not, compromise their organization’s security posture.  It is imperative that plans be made and reviewed in advance. … Read More

Cybercrime Activity Up Across the Board

The studies are out, the results are in, and according to Risk Based Security, this year is trending to be the worst ever for data breach activity.  We are now almost three quarters of the way through 2019, and by now the number of breaches is up 54% over 2018, totaling 4.1 billion exposed records… Read More

Managing Insider Threats with Vigilance

Two factors continue to be substantial risks to personal data in an enterprise environment: insider access and third-party breaches. According to the latest Verizon’s Data Breach Investigations Report, the former accounts for 59% of all security incidents.  Now, it seems the Office of Civil Rights (OCR) has published its own report, a newsletter called “Managing… Read More

Vulnerable data and rising breach costs

It’s no surprise that data breach costs, which have consistently risen in recent years, continue to do just that. A recent annual report from IBM Security examines the causes of breaches, as well the associated costs and their contributing factors.  For starters, even the data breach life cycle, wherein an organization discovers and contains a… Read More

Surveillance in the Skies

Every so often, you come across a data security story that hits hard, that really stirs the ire.  A story where a company displays such contempt for the customer and their privacy that one can’t suppress the disgust.  Such is sadly what we’re seeing with Cathay Pacific, the Hong Kong airline. In the aftermath of… Read More

Massive Capital One Breach – How did this happen?

I was just in the middle of writing something else when the Capital One story broke.  Considering I’ve already seen it referred to as “the new Equifax,” I thought it might be worth a look (that’s me understating it).  Especially since Equifax was itself in the news again lately for its settlement story. The full… Read More

Preventing a breach and countries targeted by hackers

As we’ve seen recently, the penalties for data breaches are rising across the board.  Just last week British Airways received the new record in GDPR fines, and now Marriott faces a $700 million sum in the US.  These figures are only going to grow. According to HIPAA Journal, March of 2019 saw an average of… Read More