Management

RSS

Shujinko announced the results of a survey of North American CISOs documenting the challenges facing security and compliance professionals preparing for a wave of upcoming audits. The survey, a joint effort between Shujinko and Pulse, found that calendars for security and compliance audits are largely unchanged despite COVID-19, yet the pandemic is straining teams as they work remotely.

New York Attorney General Letitia James announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts. 

The fallout from the Schrems II judgment continued with an announcement from Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) that the Swiss-US Privacy Shield regime “does not provide an adequate level of protection for data transfer from Switzerland to the US pursuant to [Switzerland’s] Federal Act on Data Protection (FADP).”

To meet modern day challenges and address the evolving retail bank landscape, Origin Bank embraces innovative technology and solutions that boost efficiencies, reduce fraud and enhance service. The organization considers the protection of its clients’ assets to be paramount and strives to deliver a safe banking experience.

Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous. 

Siemens USA announced the launch of its technologically advanced cyber test range housed at its U.S. R&D headquarters in Princeton, New Jersey. The COVID-19 pandemic and the related increase in cyberattacks has highlighted the need for facilities such as this to focus on prevention, detection, and response solutions.

U.S. federal agencies revealed criminal charges against five computer hackers, all of whom were residents and nationals of the People’s Republic of China (PRC). All were charged of computer intrusions affecting over 100 victim companies in the United States and abroad, including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong.

The Department of Justice’s Office of Community Oriented Policing Services (COPS Office) announced nearly $50 million in school safety funding through its School Violence Prevention Program (SVPP). SVPP provides up to 75% funding for school safety measures in and around primary and secondary schools and school grounds.

Synopsys, Inc. published BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, health care, Internet of Things, insurance, and retail.