The week in security: Equifax offers 143m reasons to review your data security and compliance

Credit-reporting agency Equifax was leading the news this week as a massive website vulnerability exposed data on 143m US consumers. The breach sent Americans scrambling to find out if they were among the compromised, while security practitioners worked through their own there-but-for-the-grace moments and contemplated how AI might help tighten the controls on their own data.

Open-source developers are also helping tighten controls, with CyberArk the latest firm to throw their technology into the open-source mix and hope it improves SecDevOps practices.

Also on the subject of good practices, research findings suggest that Australian companies aren’t doing great at complying with PCI DSS and maintaining their compliance – but what will this mean for GDPR, which has a broader scope and potentially bigger penalties for violations? It’s going to be a big question as we hurtle towards the new compliance regime.

In the meantime, new data was offering options for those concerned about building a secure cloud strategy.

Lenovo was fined $US3.5m ($A4.4m) over its Superfish adware fiasco and can no longer ask for user consent in its end-user license agreement. It’s an ignominious end to a scandal that many people thought Microsoft had started.

Speaking of fraudulent behaviour, phishers were targeting Microsoft Office 365 users in what experts believe may be an attempt to soften up a major fraud target.

Fraud comes in all shapes and sizes, and another major insider threat – the leaking of a recent Game of Thrones episode – highlights the challenges companies face in important but potentially problematic employee monitoring.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags data securitydata protectioncyber securityMicrosoft Office 365EquifaxCyberArkSecDevOps

More about CyberArkEquifaxLenovoMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by David Braue

Latest Videos

More videos

Blog Posts