In this post of his blog "A CISO's View," security director Ian Keller discusses the importance of having mechanisms in place to report potential personal compromise or potential compromise of another person in your company and provides simple steps for making security everyone's responsibility.
Manual API discovery is impossible due to the sheer number of APIs available, their constant changes, poor documentation, different formats and protocols, and different authentication and security requirements. Given these challenges, the solution is to use automated API discovery tools.
At the EU cybersecurity agency ENISA's recent conference on the cybersecurity upsides and downsides of AI chatbots, presenters urged "preparedness," recommending that cybersecurity professionals track the "warp speed" evolution of chatbots to target emerging risks as well as opportunities.
The Federal Trade Commission has filed an amended complaint against Kochava, as allowed by a federal judge who last month dismissed the agency's first shot at a lawsuit seeking to permanently stop the data analytics firm from selling geolocation data collected from mobile devices.
Federal regulators have once again smacked a healthcare provider with a HIPAA settlement involving patient protected health information that was disclosed in response to a negative online review. Manasa Health Center will pay $30,000 and implement a corrective action plan, HHS said.
The Iowa Department of Health and Human Services has reported to federal regulators its third major health data breach involving a vendor since April. This time, Iowa HHS/Medicaid says the data of nearly 234,000 individuals was compromised in a mega hack recently reported by MCNA Insurance Co.
Technology and software-as-a-service, or SaaS, companies ship code at scale. Beyond Identity offers ways for them to solve the problems of phishable authentication factors, bring-your-own devices or BYOD, device security posture, zero trust risk policy enforcement, and user identity.
Microsoft is warning investors it may receive a fine from European privacy regulators adding up to at least hundreds of millions of dollars over targeted advertising on its LinkedIn social network. European authorities have shown increased willingness to use the GDPR to limit targeted advertising.
A federal judge declared a mistrial in the criminal HIPAA conspiracy case against a married couple, both doctors, after the jury deadlocked on whether the two had been entrapped by the U.S. government into providing patient records to a supposed Russian operative. Prosecutors will seek a retrial.
A flurry of legal complaints and a lawsuit have been filed against the city of Oakland, California, after it fell victim to a ransomware attack. The Play group claimed credit for the attack and posted some of stolen information, which includes personal details, ID numbers and health information.
This week: Amazon settled privacy and cybersecurity investigations with the U.S. FTC, SAS received a $3 million extortion demand and apparently Ukrainian hacktivists penetrated Russia's Skolkovo Foundation. Plus, breaches at Onix Group and Toyota and a warning about Salesforce "ghost sites."
Artificial intelligence poses a global risk of extinction tantamount to nuclear war and pandemics, say a who's who of artificial intelligence executives in an open letter that evokes danger without suggesting how to mitigate it. Among the signatories are Sam Altman and Geoffrey Hinton.
Amazon agreed to pay $5.8 million to settle a Federal Trade Commission investigation into allegedly poor cybersecurity practices by its Ring home surveillance device subsidiary. The company is also poised to come under two decades' worth of outside reviews of a mandated data and security program.
Microsoft Ireland revised its cookie policy for the Bing search engine in France after it received a reprimand from the country's data protection agency for privacy violations. The revision ensures Microsoft will not pay an additional 60,000-euro fine for each day of noncompliance.
Synopsys stands head and shoulders above the competition in Gartner's application security testing rankings, with Snyk rising and HCL Software falling from the leaders category. Longtime app security players Veracode, Checkmarx and OpenText joined Synopsys and Snyk atop the Gartner Magic Quadrant.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.