Will pay-for-privacy be the new normal?

Privacy is a human right, and online privacy should be no exception. Yet, as the US considers new laws to protect individuals’ online data, at least two proposals—one statewide law that can still be amended and one federal draft bill that has yet to be introduced—include an unwelcome bargain:...

Exposed: Instagram, OKCupid, Mumsnet All Face Data Concerns

It has once again been busy on the data privacy/exposure front as the week kicks off, with Instagram, dating site OKCupid and the UK’s powerhouse discussion site, Mumsnet, all making recent news. A report on GDPR breach notifications rounds out the latest. First up, Instagram users are apparently...

Airbus Suffers Data Breach, Some Employees' Data Exposed

European airplane maker Airbus admitted yesterday a data breach of its "Commercial Aircraft business" information systems that allowed intruders to gain access to some of its employees' personal information. Though the company did not elaborate on the nature of the hack, it claimed that the...

Lawsuits Aim Billions in Fines at Equifax and Ad-Targeting Companies

Equifax, Experian and Oracle are among a slate of companies whose business is consumer information, that could soon face billions of dollars in fines for improper data handling. Privacy International has filed complaints against seven corporations, consisting of data brokers Acxiom and Oracle,...

Onwards and Upwards: Our GDPR Journey and Looking Ahead

At Imperva, our world revolves around data security, data protection, and data privacy. From our newest recruits to the most seasoned members of the executive team, we believe that customer privacy is key. For the better part of the last two years, Imperva has laid the foundation for our complian...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 21, 2018

Not that I needed to the reminder, but the influx of emails with the subject line “Updates to our Privacy Policy” from companies that I deal with and some that I’ve never heard of! means that TODAY is the day! The General Data Protection Regulation GDPR has officially taken effect. Originally...

Here's How to Download All the Data Apple Collects About You

Apple is making it easier for its users to download their data the company has collected about them so far. On Wednesday, Apple just launched a new Data and Privacy website that allows you to download everything that the company knows about you, from Apple ID info, device info, App Store activity...

Put FIM in Your GDPR Toolbox

File integrity monitoring, like other foundational security practices such as vulnerability management, helps organizations comply with the EU’s General Data Protection Regulation GDPR. FIM specifically provides security controls in three key areas for GDPR: Ensuring integrity of data stored in...

GDPR: The Stakes Are High and Time Is of the Essence

With the General Data Protection Regulation GDPR going into effect in under three months, the countdown clock is fast approaching zero for organizations worldwide that handle personal data of EU residents. GDPR is a very broad and wide-ranging regulation that requires organizations to obtain a lo...

Building an incident response program: creating the framework

In part one of our series, our overview of Building an incident response plan, we discussed what regulations organizations will need to meet in order to address incident/breach response protocols laid out in the EU’s General Data Protection Regulation GDPR. This week, we’ll talk to you about step...

This Retail Website Considers Password Security Optional

Most gaping security holes are terrible mistakes. But for one major Hong Kong-based online retailer called Strawberrynet, its security shortcomings are a feature. Like many ecommerce sites, registered users have an option for express checkout. What makes beauty-products website Strawberrynet uniq...

Countdown to GDPR: Get 20/20 Visibility Into Your IT Assets

Anyone questioning the importance of IT asset visibility in an organization’s security and compliance postures ought to review the EU’s General Data Protection Regulation GDPR, which goes into effect next year. With the severe requirements the GDPR places on how a business handles the personal da...

What you need to know: Navigating EU Data Protection changes – EU-US Privacy Shield and EU General Data Protection Regulation

If youre an organization with trans-Atlantic presence that transmits and stores European citizen data e.g. employee payroll & HR data, client & prospect data in the U.S. you will want to pay attention. What we will discuss was administered under the European Unions Data Protection Directive and a...