What will be the next big infosec issue?

Major cycles in cybersecurity come and go.  Several years ago, we were covering nonstop stories about things like the payment card industry (PCI), thanks to mega breaches like Target and Home Depot.  Payment terminal security was also a dominant trend…back when people still went into retail stores.  These concerns naturally still exist, but these days… Read More

School Cybersecurity and Ransomware Attacks

As schools gradually begin to reopen, among all the other safety concerns pressing on districts, one risk that hasn’t subsided is the security of personal data.  Even in this interim, data breaches have continued in education.  Most recently we hear of ProctorU, an online exam platform, enduring a breach as part of 18 firms with… Read More

Big data, ethics, and their challenges

Here’s a pretty mind-blowing stat: by 2025, according to IDC, the worldwide collection of data will grow 61% to a total of 175 zettabytes.  One of the issues that arises from this massive upward trend, already underway, is the growing relevance of ethical handling of the data.  Approximately 55% of executives surveyed by NewVantage Partners… Read More

Examining the Twitter hack and cybersecurity failure

By now you’ve probably heard all about the Twitter hack from last week, when cyber criminals gained access to 130 Twitter accounts, including prominent names like Barack Obama and Bill Gates, and used them to run a Bitcoin scam.   Social engineering is the given explanation in this case.  Several employees with administrative access to internal… Read More

Cybersecurity News Roundup for the Week

All kinds of news items abound this week.  LinkedIn has been sued for allegedly copying data from Apple users’ cut/copy/paste clipboards without consent, in violation of several federal and California privacy laws.  LinkedIn has denied storing or sharing the clipboard data and is still investigating the matter. Popular app TikTok also continues to face data… Read More

Compliance with new data privacy regulations

As we discussed recently, the California Consumer Privacy Act (CCPA) is now in enforceable effect.  This, despite requests from businesses to delay in light of the current pandemic, as is happening in places like Brazil and India. Unfortunately, and not surprisingly, we are seeing companies that have fallen behind now having to play a quick… Read More

Examining the state of privacy regulations

We have now passed a couple of years of GDPR enforcement, and today the California Consumer Privacy Act (CCPA) will also take effect. The result of the former has been a net increase in data breach notifications across European businesses.  One exception has been in the UK, according to a Linklaters report, which has seen… Read More

Planning for compliance and security

A recent ESI Thoughtlab report reveals how many small-to-mid-size businesses are planning to approach cyber-insurance spending over the next few years.  Namely, about 65% of them plan for increases (58% for larger firms).  This decision reflects a growing realization of the inevitability of cyberattacks: 45% now expect a breach to happen soon.  As remote working… Read More

Skimming data from online shoppers

A new Verizon Data Breach Investigation Report (DBIR) means it’s time to look and evaluate the state of data security across industries. Almost 4,000 data breaches were examined, and to be honest, there are very few surprises in my opinion.  A lot of the data reaffirms what we’ve long known and always hear.  Causes like… Read More

Differing attitudes toward security create remote working risks

We’ve examined in recent weeks the risks that come from widespread remote working.  Now, thanks to a study from Tessian, new insights are coming to light.  Most notably, a disconnect persists between IT staff and an organization’s employees regarding best security behaviors.  Surveying 2,000 professionals in the US and UK, Tessian found that only about… Read More