An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
With an operating system that's used by 90 percent of Fortune 500 companies, Microsoft closely monitors cyberattack trends. Joram Borenstein, general manager of Microsoft's Cybersecurity Solutions Group, discusses his top three concerns for 2019.
The number of data breach reports filed since the EU General Data Protection Regulation went into effect has hit nearly 3,500 in Ireland, over 4,600 in Germany, 6,000 in France and 8,000 in the U.K. Regulators say more Europeans are also filing more complaints about organizations' data protection and privacy practices.
Endpoint devices represent some of the most common targets for cyberattacks. If a vulnerable laptop is compromised by threat actors in the field, that infection can rapidly spread to the rest of the organization upon
reconnecting to the network.
There are four main areas where this kind of deep integration can...
Understanding where data is stored so it can be protected, overcoming security misconfiguration and improving vendor management diligence are three top challenges for healthcare organizations, says Chris Bowen of ClearDATA.
What are three burning questions regarding legal and compliance issues that enterprise security leaders should ponder as they head into 2019? Ed Amoroso, former CISO of AT&T and current CEO of TAG Cyber, outlines the questions and possible answers.
The latest version of the NIST Cybersecurity Framework - Version 1.1 - includes more information on supply chain risk management, authentication, authorization, identity proofing and self-assessing cybersecurity risk management, says Matthew Barrett of the National Institute of Standards and Technology.
As of March 1, 2019, the two-year transition comes to an end, and covered entities are required to be in compliance with the New York Department of Financial Services Cybersecurity Regulation Section 500.11, the Third Party Service Provider Security Policy. What are the key requirements of this section, and how might...
Manufacturers need to change their approach to securing internet of things devices, says Aloysius Cheang, executive vice president for Asia Pacific at the Center for Strategic Cyberspace + Security Science, a U.K.-based think tank, who describes what needs to be done.
It's common for companies to expand their digital
networks to keep pace with expanding business
demands. As a natural extension of this growth,
network security needs to increase at the same time.
But today's security climate is very different than it was
even just a few years ago, compounding risk.
Breached businesses in Europe: Brace for more class action lawsuits seeking material and non-material damages filed by victims following mandatory data breach notifications under GDPR, says attorney Jonathan Armstrong. He predicts more breach-related suits will succeed in Europe than in the United States.
WhatsApp has agreed to appoint a grievance officer for India who will handle complaints about fake news. The nation's government had demanded the action in the wake of recent mob violence triggered by fake news spread on the social media platform. But will the appointment have a significant impact?
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
This white paper looks at how payment innovation is impacting fraud departments and the growing importance of removing friction to improve the customer experience. The mobile and online channels are the future; being able to authenticate returning customers and determine who new applicants really are will be essential...