What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.
To ensure privacy is protected, governments need to make sure standards and regulations keep pace with the latest technology developments, including facial recognition and other forms of artificial intelligence, says Steven Feldstein, an associate professor at Boise State University.
The Buyer's Guide for Complete Privileged Access Management (PAM) is the most thorough tool for holistically assessing your privileged access security needs and mapping them to modern privilege management solutions. This detailed PAM Buyer's Guide will help you identify where to begin your privileged access management...
Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.
Artificial intelligence and machine learning must be judiciously used, such as when monitoring internet of things devices, says David De Roure, professor of e-research at the University of Oxford, who offers insights on IoT risk management.
Government agencies and private sector organizations around the world are experimenting with the use of blockchain to help manage digital identity. Here are three examples of pioneering efforts in the U.S., Canada and India.
Cybercrime marketplaces Genesis and Richlogs are helping fraudsters to better impersonate legitimate users of banks, eBay, Amazon, Netflix and more by providing them with victims' legitimate "digital fingerprints" and replay tools designed to fool anti-fraud defenses.
Monzo, a U.K. mobile-only bank that plans to expand into the U.S., alerted about 480,000 customers to change their PINs this week after the company's security team found that a software bug meant some numbers were stored unencrypted in plaintext.
To leverage blockchain for identity management at the enterprise level, CISOs first need to form a governance structure, says Prasanna Lohar, head of innovation at DCB Bank, a private banking company in India, who describes all the necessary steps.
Mergers and acquisitions, along with cloud adoption, are rapidly changing the pharmaceutical industry. Sandy Dalal of Allergan talks about how Okta identity and access management brings security stability and supports a zero trust framework.
DirectTrust, - known for creating and maintaining the Direct protocol and trust framework for secure email in healthcare - has kicked off a new initiative to develop industry standards for secure real-time instant messaging. What are the potential benefits?
The promise of an integrated identity and risk platform that continuously monitors a myriad of suspicious activities across channels and applications, and dynamically orchestrates authentication and authorization actions has been around for over a decade. Many organizations and technology vendors have attempted to...
Many organizations use Active Directory as their domain network management tool of choice. But security experts warn that without locking down and regularly auditing AD, the ease of use that it provides to network administrators can also be tapped by hackers. Start here for essential defenses.