Cybersecurity

We know that compliance doesn’t necessarily equal security and that training employees is vital to preventing cyber attacks. But a poorly trained worker is the same as one not trained at all, and in too many tech companies, training isn’t...

The reputational damage and compliance failures that result from a data spillage incident are well-known, and as the volume of information companies collect continues to rise, those risks are only going to increase. ActiveNav’s Rich Hale offers simple advice that...

As a former chief privacy officer (CPO) of a publicly traded commercial real estate services firm, Maria D’Avanzo worked in close partnership with her company’s chief information security officer (CISO). They had regular meetings, shared information and issued joint messages...

Twitter’s been in the news of late thanks to Elon Musk’s (failed?) takeover bid, but another recent bit of Twitter news could be even more concerning for data privacy advocates. A former employee testified before Congress about the company’s blatant...

Exploring the results of thousands of enterprise penetration tests to reveal where risk may be hiding in your organization. How the Threat Landscape Is Changing Coalfire 4th Annual Penetration Risk Report What's in this whitepaper by Coalfire covering more than...

In March, the Payment Card Industry Security Standards Council published Payment Card Industry Data Security Standard (PCI DSS) Version 4.0 to address emerging threats and market changes. PCI DSS v4.0 is set to go into full effect in March 2025,...

Going by the online handle “erratic,” a former Amazon software engineer conducted an extensive hacking scheme that gave her access to the personal information of tens of millions of Capital One customers, a Seattle jury determined this spring. She’s set...

Lloyd’s of London, the world’s leading insurance market, says that cyber insurance policies it issues after March 31, 2023 will not cover most state-sponsored attacks. Cordery Compliance’s Jonathan Armstrong and Andre Bywater explore what this means for companies and how...

The average cost of a business data breach today is just over $15 million, according to a new analysis from Black Kite, a third-party risk intelligence platform. Black Kite’s report, “The Cost of a Data Breach: A New Perspective,” examined...

Notorious bank robber Willie Sutton famously said “because that’s where the money is” in response to why he robbed banks. Today, many threat actors view cryptocurrency and other digital assets in the same light. The lack of regulation and security...

An attitude of “productivity at all costs” gave employees a heightened level of control over their app choices in the early weeks and months of Covid-19. Now they don’t want to give that up. Matt Chiodi, technical adviser and chief...

 “Alexa, how many execs and board members of U.S. companies have unsecured home networks and open ports on public IP addresses?” The answer is: way too many. Experts warn that the modern attack surface has expanded, and board members’ homes...