Breach Clarity Data Breach Report: Week of March 29

Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score …

New York could soon pass its own GDPR-inspired data security law

New Yorkers could soon have clearer insight into when, where and how their data has been compromised under the terms of a bill expected to pass this week in the state’s legislature. The state’s lawmakers are debating whether to approve a bill that would update the state’s data breach notification law to cover more personal information and force firms to disclose ransomware infections, among other measures. The Stop Hacks and Improve Electronic Data Security Handling (SHIELD) Act also would cover any business that holds sensitive data of New York residents, rather than only firms that do business in the state. It’s an important detail cribbed from the European Union’s General Data Protection Regulation (GDPR), which compels organizations to report breaches affecting EU citizens, no matter where the hacked company is located, to regulators within 72 hours. The SHIELD Act requires notification to affected individuals “without unreasonable delay,” a time period […]

The post New York could soon pass its own GDPR-inspired data security law appeared first on CyberScoop.

The Data Breach ‘Kill Chain’: Early Detection is Key

Today, organizations rely heavily on data, with a big portion of that data made up of sensitive information. As organizations become the custodians of more and more sensitive information, the frequency of data breaches increases accordingly. In some ca…

Capitol Hill staffers learn what really happens when there’s a data breach

In the past three years, U.S. lawmakers have struggled to nail down key details of how two of the biggest data breaches in history affected the public and private sectors. “How far back does your information database go that was compromised?” former Utah Rep. Jason Chaffetz demanded of then-Office of Personnel Management director Katherine Archuleta at a June 2015 hearing. Chaffetz berated Archuleta for failing to secure OPM’s IT systems, from which alleged Chinese hackers extracted data on 22 million current and former federal workers. “I just hope we get to the bottom of this…because this is a mess,” Rep. Ben Ray Luján, D-N.M., said in October after questioning former Equifax CEO Richard Smith on when he knew hackers had struck the credit-reporting firm. The breach compromised data on 148 million people. To try to demystify future breach-related discussions on Capitol Hill, cybersecurity firm FireEye held a quiet training session for roughly […]

The post Capitol Hill staffers learn what really happens when there’s a data breach appeared first on CyberScoop.

Fishing for work is almost as bad as phishing (for anything)

Hello again readers and welcome back! The topic of today’s blog post is something that we posted on a few years back, but unfortunately it’s worth repeating again. Companies (both large and small) who provide any kind of cyber security services have a …

Data Security Solutions for GDPR Compliance

Enforcement of the new EU General Data Protection Regulation (GDPR) adopted in 2016 starts on May 25, 2018. It requires all organizations that do any business in the EU or that collect or process personal data originating in the EU to comply with the r…

Several minor updates to buatapa!

Hello again readers and welcome back! I am pleased to announce that today there is a brand new, updated version of buatapa! Over the past several months I’ve had requests for better in-script feedback on some of the ways that buatapa processed the resu…

How Congress could handle cybersecurity-focused bills in 2018

As the year begins anew for Congress, lawmakers face a daunting legislative list that includes decisions on a number of cybersecurity-focused laws. CyberScoop polled a half dozen people who work on cybersecurity policy issues to come up with a verdict on each piece of possible legislation — and get their broader take on the possibilities for cyber law-making in 2018. The experts looked at the following bills: A new DHS cyber agency: H.R. 3359, passed by voice vote in the House in December, is awaiting action by the Senate Homeland Security and Governmental Affairs Committee. Election cybersecurity: S. 2261, introduced in December with bipartisan support, and referred to the Rules and Administration Committee. A companion bill in the House, H.R. 3751, was referred both to the Administration and Intelligence Committees. Internet of Things security standards: S.1691 was introduced in August and referred to the Senate Homeland Security and Governmental Affairs Committee. Companion […]

The post How Congress could handle cybersecurity-focused bills in 2018 appeared first on CyberScoop.

Cyber Security Snake Oil

Hello again readers and welcome back! Today’s blog post is going to cover an instance, which unfortunately occurs WAY too often in the cyber-security realm, especially on the topic of “threat intelligence” or “advanced analytics” or whatever other buzzw…