data protection - News, Features, and Slideshows

• 

  Heathrow Airport lands $223k fine for three seconds on video in a lost USB stick

  A hefty fine for personal details in video that could be spread via a screenshot.

  Liam Tung | 11 Oct | Read more

• 

  Australia suffering 81 notifiable data breaches per month: OAIC

  More than a third of reported Australian data breaches are due to human error, the Office of the Australian Information Commissioner (OAIC) has revealed as it released its first full-quarter statistical report about the functioning of the new Notifiable Data Breaches (NDB) scheme.

  David Braue | 31 Jul | Read more

• 

  Tech giants helping government circumvent secure-messaging encryption: minister

  Australians can trust the government’s beleaguered My Health Record (MHR) service to secure their private data because it uses encryption, Australia’s minister for cyber security has argued while simultaneously admitting that technology service providers are providing “a high level of cooperation” to help the government circumvent their own privacy protections.

  David Braue | 30 Jul | Read more

• 

  Security concerns drive growing concern over mandatory health records

  In the wake of a series of healthcare data breaches, the Electrical Trades Union (ETU) of Australia has joined the chorus of critics pushing back against the government’s plans to mandate use of its My Health Record (MHR) scheme.

  David Braue | 24 Jul | Read more

• 

  As cyber insurance evolves, insureds must watch the fine print

  There’s nowhere left to hide. Now that the notifiable data breaches (NDB) scheme and EU general data protection regulation (GDPR) legislation are forcing companies to reveal the true extent of their data-security deficiencies, takeup of cyber insurance is surging as businesses weigh up the very real financial risk of non-compliance.

  David Braue | 09 Jul | Read more

• How to achieve better third-party security: Let us count the ways

  No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties -- outside vendors, contractors, affiliates, partners and others.

  Taylor Armerding | 30 Jun | Read more

• How to defend against the OpenSSL Heartbleed flaw

  CSOs need to take a number of steps as soon as possible to protect their organizations against the OpenSSL vulnerability that has shaken the tech industry, experts say.

  Antone Gonsalves | 10 Apr | Read more

• How to Test the Security Savvy of Your Staff

  How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.

  Kim Lindros and Ed Tittel | 24 Feb | Read more

• Your Twitter account has been hacked! Here's what to do about it.

  Kirsty woke up to find that someone else had taken control of her Twitter account. I tell her how to get it back.

  Lincoln Spector | 09 Sep | Read more

• Send attackers on a wild goose chase with deception technologies

  Midsized companies with revenues from $100 million to $1 billion spent an average of $3 million on information security as of 2014 per "The Global State of Information Security Survey 2015" from PwC.

  David Geer | 18 Aug | Read more

• The 4 most insecure areas of online behavior

  Security experts and users follow a drastically different set of best practices to protect their security online, according to a new report from Google.

  Kristin Burnham | 12 Aug | Read more

• CRM backups or audit trails? Yes, please

  Like nearly any transactional system, usable CRM data backups are tricky because the data is always changing and dependent on coherency across several tables. Ideally, you'd fully quiesce the system and do a full backup every day, or enable the online backup. But with modern cloud systems and 7x24 customer access (via portals or mobile apps), you can't take the system down, and cloud vendors like SFDC don't provide a full backup more often than once a week. The situation with audit trails is different: they may reliably capture all the changes, but you may only be allowed to track a limited number of fields (the default in SFDC is 20 per object).

  David Taber | 30 Jul | Read more

• Data explosion offers challenges, opportunities to security pros

  230 million patients. 3,300 hospitals. 900,000 healthcare professionals. 98 percent of U.S. pharmacies. More than 700 different electronic health record platforms. 764 million medication histories. 6.5 billion transactions processed last year alone.

  Maria Korolov | 17 Jul | Read more

• Cyber insurance: Buy, but be aware

  "Caveat emptor" - buyer beware - is the most common warning to those shopping for big-ticket items. That, apparently, applies in spades to buying cyber insurance.

  Taylor Armerding | 10 Jul | Read more

Whitepapers about data protection

• 

  Whaling - Anatomy of an Attack, Protecting Your Organisation from CEO Email Scams

  Whaling — derived from an analogy with a big “phish” — is particularly threatening because it’s both highly deceptive and damaging. A cyber-criminal, disguised as the CEO, CFO or other senior executive, typically sends an email message to a recipient and convinces this person to initiate a wire or data transfer. These attacks are also referred to as impersonation attacks or business email compromise attacks.

• 

  The myths of mobile security

• 

  The challenge of protecting critical data

• 

  Key Communications Systems Are Always Available, Highly Responsive for Global Mining Company