The fallout from the Schrems II judgment continued with an announcement from Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) that the Swiss-US Privacy Shield regime “does not provide an adequate level of protection for data transfer from Switzerland to the US pursuant to [Switzerland’s] Federal Act on Data Protection (FADP).”
To meet modern day challenges and address the evolving retail bank landscape, Origin Bank embraces innovative technology and solutions that boost efficiencies, reduce fraud and enhance service. The organization considers the protection of its clients’ assets to be paramount and strives to deliver a safe banking experience.
Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.
Cloud communications and other advanced networking solutions have not only changed the way we connect with the world around us today, but they are also driving the change in future connectivity and are set to transform the way businesses create operating models, collaborate, and more. So, what does the future of connectivity look like in 2021? The near future consists of more robust security, more intuitive and streamlined connectivity, and increased mobility for a global workforce.
Thoughts around threat landscapes commonly prioritize corporate and governmental networks assets as high priorities, with personal networks and resources as lower-level threats. However, there have been recent changes that have caused the reassessment of prioritization levels at times. As a result of the COVID-19 pandemic, the number of individuals who work from home has greatly increased. In fact, Stanford researcher Nicholas Bloom places the percentage of people currently working at home at over 40%.
From the early days of the web, the concept of authentication has been synonymous with the notion of ‘logging in,’ typically with a username and password. Today, this ubiquity has exploded to the point that the average individual has 191 usernames and passwords acting as one-to-one keys for any website they’ve registered with.
Today, Zero Trust is the subject of much discussion and debate; for instance, is Zero Trust doable in reality or more so in theory?
As many are aware, Zero Trust is a concept that deems everyone (employees, freelancers and vendors) and everything (datacenters, applications and devices) must be verified before being allowed into a network perimeter – whether they are on the inside or the outside of an organization.
Organizations may consider adopting an adaptive risk-based trust approach to securing their privileged access. This approach uses least-privilege, zero-trust as a baseline for how organizations build trust scores which will then be used to determine the level of security which is required to gain access to the cloud, and specific applications and systems.
In Spring 2020 as the COVID-19 pandemic was starting to spread across the globe, a survey of approximately 250 U.S. consumers commissioned by Awake Security found that the two threats from the DHS list that worry Americans most are cyberattacks on core infrastructure (electric, water, transportation etc.) and cyberattacks on corporations.
Diving deeper into the results surfaces something that is contrary to the popular narrative: consumers take responsibility for their personal cybersecurity and even help out those around them. They hold the government and enterprises ultimately accountable, but also understand the role each individual has to play.
Recently, two teens and a young adult infiltrated one of Silicon Valley’s biggest companies in a high-profile hack – and the biggest ever for Twitter. Authorities say the 17-year-old “mastermind” used social engineering tactics to convince a Twitter employee that he also worked in the IT department and gained access to Twitter’s Customer Service Portal. The 130-account takeover proved unique, as it was fundamentally a dramatic manipulation of trust and could have had far more world-changing consequences if the attackers had the aspirations of say, a dangerous fringe group versus that of a teenager. There are a few takeaways to learn here, especially when it comes to considering redefining what we classify as “critical infrastructure” and what must be protected at all costs.
This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.