The Colorado Privacy Act (CPA) passed yesterday in the state's senate and will go into effect in July 2023 – creating an additional regulation that organizations must comply with or face hefty fines and eroding consumer trust.
Enterprise security professionals face a difficult task. The growth of the cybersecurity market has led to increased clutter and overwhelming fragmentation. Before we dig into the tips that enterprise security professionals should keep top of mind when seeking out the right vendor, let’s delve into the primary pain points that buyers face.
As employees return back to the office, challenges continue to unfold and the best way to approach many of the computers and systems that have been off company premises for so long is to regard them as potentially infected.
Like the game of Texas Hold ‘Em, the practice of security is ultimately an exercise in decision-making. Specifically, how do you make the best decision possible with limited and incomplete information?
Rather than be caught off-guard and left to play catch-up, security and IT professionals should begin planning now for the many new and updated regulations, standards and proposed pieces of legislation that will be sweeping over the financial services industry and other sectors in the near future.
Has the pandemic and remote working created an environment of heightened risk of insider data breaches? Here, Darren Cooper, Chief Technology Officer (CTO) for Egress, speaks to Security magazine about what organizations can do to prevent data loss.
American arts and crafts giant Hobby Lobby has exposed a large amount of customer data, including names, phone numbers, physical and email addresses, and the last four digits of payment cards, and the source code for the company's app, according to a security researcher known as "boogeyman," who discovered the leak.
In the current environment, it is wise to incorporate security into your software development lifecycle as early as possible. Historically, security checks were a pre-release gateway for a software team: if you passed, your product/service could go to production. At the same time, security checks used to require a code and environment freeze, while audit preparations led to chaos and a non-systematic approach in collecting important security documentation. All these elements led to a bottleneck for the project team. However, a long wait for security testing results is no longer an option since the typical project pace has significantly increased. Various project models suggest their own approaches for introducing security into software development.
Employees create content on a daily basis. Much of this content has no long-term value and is not business critical, however, a small percentage is key to running operations. If this data goes missing or falls into the wrong hands due to a ransomware attack, an organization could be severely wounded and could be at the risk of extinction.
