Shred-it announced the release of its 10th Anniversary Edition Data Protection Report (formerly known as “The Security Tracker: State of the Industry Report”), which outlines data security risks threatening U.S. enterprises and small businesses. The findings are based on a survey conducted by Ipsos, shedding light on trends in data protection practices and the risks American businesses, organizations, and consumers face related to keeping their data secure.
A 30-minute movie, inspired by true events, called “The Nevernight Connection,” details the fictional account of a former U.S. Intelligence Community official targeted by a foreign intelligence service via a fake profile on a professional networking site and recruited to turn over classified information.
With many companies struggling to retain qualified CISOs or security managers, the lack of long-term security thinking is severely impacting sustained compliance within the Payment Card Industry Data Security Standard, according to a new study.
The New York Attorney General’s Office (NYAG) reached a Consent and Stipulation Agreement with Dunkin’ Brands, Inc. (Dunkin), which obligates the company to implement and maintain a comprehensive information security program to protect customers’ private information. The terms of the consent agreement are similar to the terms New York reached with Zoom earlier this year regarding inadequate data security practices, and strongly resemble the reasonable security measures described in the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act).
As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy Tracker, efforts to delay the effective date of Brazil’s General Data Protection Law – Lei Geral de Proteção de Dados or LGPD – recently failed, and the law is expected to go into force in the coming days. Brazil’s federal government also published a decree approving the regulatory structure of the Autoridade Nacional de Proteção de Dados, i.e., Brazil’s national data protection authority.
Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understanding how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.
Last week, Didier Reynders, European Commissioner for Justice, and Dr. Andrea Jelinek, Chair of the European Data Protection Board (EDPB), appeared at a hearing conducted by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs, and updated committee members on their work since the Schrems II decision.
In his remarks, Mr. Reynders identified three main areas on which the Commission is focusing.
ON DEMAND: IP geolocation data, which maps the IP address of a device connected with the Internet to a geographic location, has been helping inform online business decisions for almost 20 years. Although it is no longer the new kid on the digital block, it has become an ever-more essential tool, addressing more varied business needs and applications than ever before – all arising from the growth of anonymous incoming Internet traffic as well as increased numbers of remote workers. This is driving a need for accurate location insights at organizations around the globe.
This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.