On November 4, 2020, the California Privacy Rights Act (CPRA) passed, with a decisive majority of Californians (56% according to the Secretary of State's web site) supporting the measure to strengthen consumer privacy rights. Here, we talk to Heather Federman, Vice President of Privacy & Policy at BigID, about this sweeping privacy law that will set the bar for privacy rights for the rest of the nation.
Overlooked risks can cost companies millions in financial and reputational damage — but existing commercial threat intelligence solutions often lack data coverage, especially from these alternative web spaces.
How does this impact corporate security operations, and how can data coverage gaps be addressed?
Data must be protected. There’s no argument about that. Solutions to protect data at rest and data in motion have been around for decades. The problem is that for data to be useful, it has to be processed, and, until recently, processing left data wide open to theft or attack.
For most of this year, COVID-19 has dominated and disrupted our normal business routines, and as we relocated to avoid the first wave of the virus, the hackers and thieves weren’t far behind. As people began working remotely in large numbers, the number of unsecured remote desktops soared, as did brute-force attacks against those desktops.
In its quarterly report, toy maker Mattel announced it was the victim of a ransomware attack on its information technology systems that caused data on a number of systems to be encrypted in July 2020.
Japanese gaming giant Capcom has disclosed a data breach which led to unauthorized access of some files and systems. The developer claimed that the incident impacted email and file servers, among other systems.
While the first thing that may come to mind is attacks on voter booths and polling data, hackers were expected to hit more vulnerable targets first, such as community-based organizations and systems supporting political campaigns.
These networks are rarely designed to withstand the ransomware threats much larger, established political bodies face, and hackers know it.
Here, we talk to Doug Matthews, Vice President of Product Management for Veritas, about the conditions impacting data protection during the election period.
Ian Pratt, HP’s Global Head of Security for Personal Systems, believes hardware-embedded security paired with a robust cybersecurity education and cyber hygiene protocols for remote employees is core to any organization’s operational resiliency. Below, we speak with Pratt about the long-term security implications of the pandemic, what CISOs should be doing now to prepare for an increasingly uncertain future and where he believes cybersecurity is headed next.
Cybersecurity teams struggle with a lack of visibility into threats, endpoint devices, access privileges, and other essential security controls necessary for a robust cybersecurity posture. Without full visibility into their entire digital ecosystem, infosec teams cannot fully secure the assets on their networks or effectively prioritize the most serious threats. Below, I dive into how security professionals are still fighting the battle between effectively viewing serious threats and communicating cyber risk to company leadership.
Apricorn announced new findings from a Twitter poll exploring the data security and business preparedness for remote working during the pandemic. More than 30% of respondents singled out employee education as being the biggest area companies needed to make changes to improve cybersecurity.
