x
Risk and compliance startup LogicGate has confirmed a data breach. But unless you’re a customer, you probably didn’t hear about it. An email sent by LogicGate to customers earlier this month said on February 23 an unauthorized third party obtained credentials to its Amazon Web Services-hosted cloud storage servers storing customer backup files for its flagship platform Risk Cloud, which helps companies to identify and manage their risk and compliance with data protection and security standards. LogicGate says its Risk Cloud can also help find security vulnerabilities before they are exploited by malicious hackers.
The American Civil Liberties Union (ACLU) has clashed with Facebook a number of times, including a legal battle in recent years that forced the social media giant to make changes to its targeted advertising system. A new update to the ACLU’s privacy policy indicates that the organization is now feeding that same system. The new data sharing notification reveals that the ACLU is providing Facebook with the names, email addresses, phone numbers, countries of residence, and ZIP codes, according to reporting by Fortune.
The European Union is poised to ban artificial intelligence systems used for mass surveillance or for ranking social behavior, while companies developing AI could face fines as high as 4% of global revenue if they fail to comply with new rules governing the software applications. The rules are part of legislation set to be proposed by the European Commission, the bloc’s executive body, according to a draft of the proposal obtained by Bloomberg. The details could change before the commission unveils the measure, which is expected to be as soon as next week.
Last year proved not even a pandemic could slow investors’ appetite for cybersecurity. Now with a possible light at the end of the COVID tunnel, investors are being bold about doubling down. The first quarter of this year saw more than $3.7 billion invested globally into cybersecurity — outpacing the $2.3 billion for the first quarter last year, according to a new cybersecurity report by Crunchbase. If this level of investment continues, the industry would shatter last year’s record of $7.8 billion invested globally and see the sector hit nearly $15 billion in total venture investment.
The global 2021 Netwrix Cloud Data Security Report found that the majority of educational organizations experienced phishing attacks (60%) and account compromise (33%) in 2020. Phishing was the most common incident suffered by all verticals analyzed in the report, but the frequency of this type of attack in the educational sector is higher than the average of 40%.
As the vaccinated population grows, doors reopen, and more people come together again, the reality we find ourselves in will not be the one left behind in 2019. Many long for a return to in-person experiences, but at the same time, have grown accustomed to the flexibilities of a decentralized, digital-first world. As we emerge from lockdown, hitting "rewind" will not satisfy customer and employee needs. Instead, companies must create hybrid experiences that integrate both digital and in-person modalities.
Republican politicians and privacy advocates are bristling over so-called vaccination passports, with some states moving to restrict their use. Critics say they create different classes of citizens. COVID-19 vaccination requirements are fast becoming facts of life in the U.S., spreading business by business even as politicians and privacy advocates rail against them.
It’s been a stormy year for businesses. The wide-scale disruption of the pandemic has forced organizations across nearly every sector to rewrite the rules of digital engagement at a speed and scale many have never experienced before. Fortunately, the Covid-19 vaccine rollout is pushing some much-needed rays of light through the gloom. Even so, the weather ahead is by no means sunny skies just yet. Forecasting the future, and preparing for it, remains challenging. Last March, many businesses rapidly accelerated their journey to the cloud to support a digital workforce. According to a survey of more than 700 IT leaders in the UK and US, 68% have seen their digital transformation leap forward between one and five years during the pandemic.
There’s no question that data analytics can be a significant competitive differentiator for companies, delivering insights that can help boost sales and market share. But how much enterprises gain through analytics can depend a great deal on how well they’re taking advantage of the latest technologies, and how prepared they are for future developments.
China is looking to tighten rules around how its citizens’ personal data is collected, as it moves to further rein in the power of technology giants like Alibaba and Tencent. A strong data framework could help countries define how the next-generation internet looks as well, one expert said, pointing out that it could become a geopolitical issue as China looks to challenge the U.S. in the technology sphere.
Paul Davison, the CEO of new audio social media app Clubhouse, says there were no leaks of personal user data, in contrast to a report claiming there had been recently, The Verge reported. A Cyber News report said that users' data, including users' IDs, names, usernames, Twitter and Instagram handles and follower counts, were posted to a hackers' forum. That report didn't seem to indicate that credit card information was among the reportedly-leaked info. Now, Davison is calling that report "false."
Facebook on Wednesday, said it will not notify the 530 million users about the data breach of their account. Facebook assured that the data breach did not include financial information, health information, or passwords. The company also added that since it was not something that the users could alter, they deemed informing the users unnecessary.
Covid-19 has led organizations to use cloud for a wider range of use cases, especially as means of data backup. Despite the increase in usage, however, most organizations are still not in the clear about their responsibilities regarding data security and recovery. This is according to a new report from data protection firm StorageCraft, based on a poll of 709 IT decision-makers from around the world, which states that almost half (48 percent) increased the adoption of cloud services for data management as a direct consequence of the Covid-19 pandemic.
The majority of organizations have already migrated their VPN solution to the cloud, a NetMotion survey reveals. A study surveyed 750 leaders working in IT, security and networking, polling leaders across five geographical markets and eight sectors. This audience shared their insights, familiarity and experiences with SASE and other network security topics. 54% of organizations have shifted their remote access solution (VPN) from on-premise to the cloud. This includes VPN products hosted as SaaS offerings or those managed in the private cloud (IaaS), such as Microsoft Azure or AWS.
Companies are adopting AI solutions at unprecedented rates, but ethical worries continue to dog the roll outs. While there are no established standards for AI ethics, a common set of guidelines is beginning to emerge to help bridge the gap between ethical principles and the AI implementations. Unfortunately, a general hesitancy to even discuss the problem could slow efforts to find a solution.
Fees associated with networking are typically not the largest contributor to cloud computing costs. The pricing for running cloud infrastructure, like virtual machines, is higher. Still, cloud networking services costs can be significant, especially in poorly optimized cloud environments.
In 2020, the most common incidents that financial organizations suffered regarding data in the cloud were phishing attacks (reported by 26%), targeted attacks on cloud infrastructure (22%) and ransomware (15%), Netwrix reveals. Among organizations that experienced a data breach, 20% had to cover unplanned expenses to fix security gaps, 19% faced compliance fines and 17% experienced customer churn.
Education technology was a sleepy corner of the startup world until COVID-19 hit. It's wide awake now. According to HolonIQ, an education market research firm, ed tech companies raised more than $16 billion globally in 2020, with China and India accounting for over three quarters of that total. This is perhaps not surprising, given that the coronavirus pandemic pounded the traditional education paradigm and suddenly everyone, from parents to teachers to administrators and, finally, investors began hunting for solutions.
Cyber-breaches have increased 300 percent since 2011, but cyber-breach disclosures fell in 2020 for the first time in five years, according to a new report from Audit Analytics. The report, “Trends in Cybersecurity Breach Disclosures,” was released last week and analyzes public company disclosures of cyber-breaches since 2011. According to the report, the 117 breaches that were disclosed in 2020 represents a 19 percent drop from 2019 (144).
Employee training is an issue of critical importance for enterprises. Challenged to find skilled employees, sapped by high turnover rates, mired in massive transformations, the need to upskill and cross-train employees is paramount — and almost too much for traditional approaches to training to handle. Enter AI. Artificial intelligence and machine learning are increasingly being leaned on to aid in companies’ upskilling strategies, ascertaining skill sets, recommending learning paths, providing on-the-job training — even helping determine what to pay for acquired skills.
Apple Inc said on Wednesday that in the coming weeks it will start enforcing a new privacy notification rule that digital advertising firms such as Facebook Inc have warned will hurt their sales. Apple said the notices will become mandatory when its iOS 14.5 operating system becomes available in the coming weeks, though it did not give a precise date. The one-time notices will require an app developer to ask a user’s permission before the app tracks activities “across other companies’ apps and websites.”
Cloud adoption could be a lot more efficient if businesses didn't have to worry about compliance with various rules and regulations, new research suggests. In a recent blog post, Nick Godfrey, Director in the Office of the CISO at Google Cloud, says the industry is focused on reducing vendor lock-in, concentration risk and over-reliance on third-party providers. Together with market analysts IDC, the company analyzed how different organizations tackle the issue and came to the conclusion that a multi-cloud approach is an increasingly popular strategy.
The coronavirus pandemic forced many organizations to put their cloud migration projects into overdrive. Such a fast and unexpected transition to the cloud inevitably opened the door to more security threats. A report released Tuesday by Palo Alto Networks threat intelligence team Unit 42 examines how the cloud migration has affected security and what organizations can do to better protect themselves. Based on internal data, Unit 42's latest "Cloud Threat Report" found that organizations increased their cloud workloads by more than 20% between December 2019 and June 2020.
Over the past 12 months, the number of artificial intelligence (AI) and advanced analytics projects in production has increased by 54%. Much of this growth is due to AI-enabled digital workplace solutions and self-services capabilities, allowing for low-touch operations needed during the pandemic. New use cases have emerged in areas such as advertising, media, and marketing where consumers now expect personalized content and communications. AI is creating a shift in how enterprises consume data and make decisions.
United Kingdom Home Secretary Priti Patel is set to tell a conference of child protection activists that end-to-end encryption puts children at risk, according to a draft invitation seen by Wired UK. The speech, slated for April 19, comes as Britain prepares to roll-out its Online Safety bill, and as some groups advocate for stricter end-to-end encryption for companies like Facebook.
Three universities in the U.S. have had data stolen and published online in the latest data breaches related to a vulnerability in software from Accellion Inc. The universities targeted were Stanford University, the University of Maryland, Baltimore, and the University of California at Berkeley, with one commonality among them: The stolen data was published by the Clop ransomware gang.
Right now, digital transformation is all about hiring the right IT team and getting the right experts in place to handle the change. However, there’s a missing piece. C-suite could inadvertently get off the path by turning responsibility for technology over to a different department. Digital transformation success needs a tech-savvy C-suite. It’s time for board executives to pursue digital literacy. As we enter into this digital age, technology familiarity will be a baseline requirement for c-suite eligibility.
Now that the world has completed a full circuit around the Sun with COVID as a passenger, it is possible to see which jurisdictions responded well, and which are still struggling to come to grips with the virus. Two of the nations held up as examples of how to fight COVID were Taiwan and New Zealand, but the approaches were very different: One has locked down parts of its population multiple times, and the other with more experience of respiratory viruses, has avoided such approaches.
Data privacy regulators look a lot different these days. For starters, there’s more of them. They’re also — if you include Google’s plans for the third-party cookie and Apple’s ongoing anti-tracking restrictions — commercial enterprises, rather than government bodies. It’s not an exact like-for-like: Platforms don’t make or change policy on how publishers collect or use data directly from their users. Google’s decision to not build alternate identifiers to track individuals relates to its own products. But Google and Apple’s dominant market positions do mean when they make changes, they cause tidal waves across the rest of the digital advertising supply chain.
Cloud data warehouses have emerged as the go-to repositories for amassing huge amounts of data and running advanced analytics and AI upon it. This is great news for customers, who no longer must worry about provisioning enough storage and compute infrastructure to handle surges in workloads. But not all cloud data warehouses are created equal, which makes it important to research the offerings so you can choose the right one. The first step in the cloud data warehouse selection process is to get a good understanding of the different offerings that are available on the clouds today.
The Cloud Security Alliance (CSA) and AlgoSec announced the results of a new study titled, “State of Cloud Security Concerns, Challenges, and Incidents.” The survey, which queried nearly 1,900 IT and security professionals from a variety of organization sizes and locations, sought to gain deeper insight into the complex cloud environment that continues to emerge and that has only grown more complex since the onset of the pandemic.
Stanford University on Thursday said it is investigating claims hackers stole personal data from the School of Medicine. The alleged theft was part of a larger national cyberattack on universities and organizations that use Palo Alto-based Accellion Inc.’s 20-year-old File Transfer Appliance, the university said in a statement. The FTA is a third-party file-sharing service.
Last month, the Consumer Data Protection Act (CDPA) became law in Virginia — although it will not go into effect until 2023. As the latest example of sweeping, comprehensive state data-protection law, CDPA has drawn a lot of rough comparisons among pundits between itself and its Californian cousin — the California Consumer Privacy Act (CCPA). In fairness, the two have a lot of similarities. They both largely grant consumers rights to obtain, know about, and delete their data — as well as opt out of further processing of their personal data. They both offer a base 30-day cure period to businesses in the event of a violation. And they both require companies to take certain information-security steps. But there are a lot of differences as well.
IT decision makers may hesitate or at least carefully consider consequences related to identity and access management (IAM) and the cloud. Recently released research conducted by Forrester and commissioned by ForgeRock and Google Cloud points to numerous organizations planning to expand or play catchup on such matters with initiatives intended to go into action over the next two years.
Two mega-breaches caused by third parties have occurred over the last month, adding to the recent Solarwinds epic supply chain hack, to create a growing tsunami of third party risk for enterprises and government organizations. Security software provider Accellion suffered a breach in their FTA tool which caused many of their clients to have their data exposed to hackers. A number of high-profile customers were affected such as the Jones Day law firm, Kroger stores, and Shell Oil company along with other government and educational institutions.
New research from DataGrail shows that nearly half of privacy requests sent in 2020 were to stop the sale of personal data to a third-party. The 2021 The State of CCPA: Benchmarking CCPA Trends Across Consumer (B2C) Brands report examined how California consumers are exercising their privacy rights according to the California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020.
Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are among the critical threats to organizations, according to F-Secure. 2020 saw an explosion of ransomware that also steals data, giving the attackers more leverage over their victims. If organizations first refuse to pay a ransom to decrypt their data, attackers threaten to leak the stolen information, increasing pressure on victims to pay.
Over 80% of global IT decision-makers have already adopted, or plan to adopt or expand cloud-based identity and access management initiatives over the next two years, a new study finds. The study, "Identity and Access Management (IAM) for the Hybrid Enterprise," conducted by Forrester Consulting for ForgeRock and Google Cloud, also found that the industry has significant opportunities to improve the IAM experience for the majority of hybrid cloud adopters
As Congress debates its next move on how to regulate big tech, states are already enacting legislation. Their push will likely serve as a model for the federal government. States are laying the groundwork to protect online consumer data and reign in powerful tech giants – debating and voting on laws and policies the federal government could borrow from as it advances big tech regulation.
Ubiquiti Inc. disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.
It might have been a forcing function of the global pandemic, or it could have been accelerated by ongoing advances in compute power. Whatever the cause, artificial intelligence and machine learning have become key information technology assets for many large enterprises. A McKinsey & Co. survey released in November found that half of respondents had adopted AI in at least one function, and half reported revenue increases as a result.
Source Defense provides in-depth analysis of the client-side threat landscape and specific attacks like formjacking, Magecart and web browser threats. The research offers a rare window on web security sentiments for a population relying almost exclusively on websites for all manner of shopping, healthcare, financial services and other essential needs during the pandemic.
The consumer data privacy topic may feel like a slow rolling, deep water wave, far offshore without imminent threat, but in reality, there are many waves rapidly gaining in size and speed, and they’re hitting all at once. The first ripples started several years ago in the European Union with an abstract-sounding acronym “GDPR” and have steadily grown here in the U.S. with a word-salad of terminology: “CCPA,” “CPRA,” “ITP” and now “IDFA.”
Privacy almost always comes at the cost of usability. Sometimes a browser extension might cause a website to display text strangely, prevent embedded images or tweets from loading on a page, or remove the little social media buttons that make it easy to share an article. But in exchange for the occasional slight headache, companies will have a harder time tracking what you do online.
Data is one of the most important assets your organization has, and protecting it is no longer optional. Cyberattacks can come in multiple forms, including outsider attacks such as phishing or malware, as well as insider threats via social engineering attacks, unauthorized file sharing or physical theft of company devices. A robust data security strategy is an essential requirement to protect your company’s sensitive data and keep intruders away.
In 2020, few things went well and saw growth. Artificial intelligence was one of them, and healthcare was another one. As noted by ZDNet's own Joe McKendrick recently, artificial intelligence remained on a steady course of growth and further exploration – perhaps because of the Covid-19 crisis. Healthcare was a big area for AI investment.
Remote working may be great for employee productivity and work-life balance, but it’s terrible for cybersecurity posture, a new report from cloud security firm Doherty Associates claims. As reported by City AM, the new report states that almost half of managers (42 percent) from financial institutions and law firms do not have clear visibility into threats targeting remote workers. Furthermore, they are also clueless about the volume of attacks aimed at employees.
PKWARE started 2020 with 142 employees. That number had dropped to 117 at the time of the acquisition. Even though PKWARE went on to acquire Dataguise, a data discovery company, in October, its total employment at the end of 2020 was 98.
Cloud cybersecurity—or a lack of it—is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security, according to cybersecurity researchers.
Barracuda released key findings from a report titled The state of Office 365 backup. Commissioned by Barracuda, the research surveyed global IT decision makers to capture their opinions and perspectives about Office 365, data security, backup and recovery, SaaS solutions, and a variety of related topics. Overall, the findings indicate that the worldwide shift to remote work during the pandemic has intensified the challenges associated with protecting Office 365 data.
Marketers have been trying to tackle the challenge of customer data and privacy for years now. But just when they think they've caught up, yet another regulation is added to the mix. Consumer privacy legislation is being enacted on a state-by-state and country-by-country basis, and in some cases, businesses that fail to comply are being slapped with fines. How can brands stay ahead of the wave of ongoing legislation, new rules and compliance requirements?
Tensions have been building for months among national data protection watchdogs over the amount of time their Irish colleagues are taking to complete probes on big U.S. tech companies, including Facebook Inc. and Apple Inc. Such tensions and public rows playing out in the media are “not a good development,” European Commission Vice President Vera Jourova told Bloomberg in an interview.
How and where can edge computing help enterprise IT leaders deliver on digital transformation goals? Think about all that data you're crunching, for starters. Digital transformation and edge computing are not mutually exclusive approaches. Quite the contrary, say edge experts. Edge “is an enabler or accelerator technology” for digital transformation, says Vishnu Andhare, senior consultant with technology research and advisory firm ISG.
A coalition of organizations across the privacy, antitrust, consumer protection and civil rights spaces has called for a ban on “surveillance advertising,” further amplifying the argument that “big tech’s toxic business model is undermining democracy.” The close to 40-strong coalition behind this latest call to ban “creepy ads” which rely on the mass tracking and profiling of web users in order to target them with behavioral ads includes the American Economic Liberties Project, the Campaign for a Commercial Free Childhood, the Center for Digital Democracy, the Center for Humane Technology, Epic.org, Fair Vote, Media Matters for America, the Tech Transparency Project and The Real Facebook Oversight Board, to name a few.
One year since the onset of the pandemic, organizations globally have undergone major transformations as they seek to strengthen resilience, increase agility and deliver greater efficiencies. 89.2% of business and IT leaders agree COVID-19 has caused significant changes to their operating processes, while 87.3% say it has accelerated their digital transformation strategy. These are the findings from NTT Ltd., a world-leading global technology services provider, and the release today of its 2021 Global Managed Services Report.
A new report, Personal Data, Privacy & Smartphones: The Cautious Consumer analyzes what smartphone owners think of the upcoming Apple Identifier for Advertisers (IDFA) opt-in requirement and the use of their data. The report, from AppsFlyer and Mobile Marketing AssociationGlobal (MMA) highlights "the need to inform and educate their customer base about data usage."
In an economy where data is changing how companies create value — and compete — experts predict that using artificial intelligence (AI) at a larger scale will add as much as $15.7 trillion to the global economy by 2030. As AI is changing how companies work, many believe that who does this work will change, too — and that organizations will begin to replace human employees with intelligent machines.
Digital Transformation trends have evolved from pre-COVID days. Today, organizations are harnessing the power of agile IT frameworks to speed up their digital transformation efforts. As IT teams seek to build and strengthen their resilience, many factors are now considered before leaping ahead with digital transformation operations. Cost optimization, security and market intelligence figure among the top areas before planning digital transformation.
Cyberattacks can be devastating for any business, with IBM’s Cost of Data Breach 2020 Report revealing that the average cost of a breach is $3.86 million. Breaches are often thought to only be targeted at Fortune 500 or multinational companies. Unfortunately, this way of thinking can leave small business owners especially vulnerable to data loss or worse. Often, hackers will deliberately focus on smaller organizations on the assumption that these companies will have less robust cybersecurity mechanisms in place.
Nearly three years after a sweeping privacy law took effect in Europe, regulators are seeing more sanction decisions challenged and overturned as companies file appeals. European courts struck down or reduced several multimillion-dollar fines in recent months, raising questions about whether judges and privacy regulators disagree about how to enforce the 2018 General Data Protection Regulation. Companies taking note are more willing to challenge authorities’ rulings, according to privacy lawyers and regulators.
The Covid-19 pandemic dramatically accelerated technology adoption across all industries. According to one survey, 77% of CEOs reported that the pandemic sped up their companies’ digital transformation plans, and as Microsoft CEO Satya Nadella noted in the early days of the crisis, “We’ve seen two years’ worth of digital transformation in two months.” A study conducted by Twilio found that Covid-19 accelerated companies’ digital communications strategies by an average of six years.
The Global Privacy Control (GPC) is a technology initiative being spearheaded by a group of publishers and technology companies to create a global setting in web browsers that allows users to control their privacy online. This means you should be able to set the GPC control in your browser to prevent websites from selling your personal data.
Digital transformation is difficult enough to get right: Making a mistake that inhibits your agility can set you off on the wrong foot and prevent your transformation from succeeding.Transformations don’t fail because of the technology. They fail when organizations neglect to develop better ways of problem-solving, testing ideas, and managing work (what we call agility). If you’re unsucceed in these areas, your transformation may be sluggish and at risk of missing out on delivering the true value you set out to achieve.
Adoption of artificial intelligence accelerated during the COVID-19 pandemic, but many business leaders are concerned that AI deployments are moving too fast, according to a KPMG survey. The KPMG survey, Thriving in an AI World, found that AI has accelerated across all industries with financial services, retail and technology adopting the technology the most. The KPMG survey covered 950 business and IT decision makers with at least a moderate amount of AI knowledge.
Intel has announced that it has signed an agreement with the US government's Defense Advanced Research Projects Agency (DARPA) to join its Data Protection in Virtual Environments (DPRIVE) program to develop an accelerator for fully homomorphic encryption (FHE). Unlike with other types of encryption, FHE enables encrypted data to be processed without first having to decrypt it.
The Defense Advanced Research Projects Agency, or DARPA, has signed an agreement with Intel to add it to its Data Protection in Virtual Environments project, which aims to create a practically useful form of fully homomorphic encryption.
Companies are looking to grab any technology-driven advantage they can as they adapt to new ways of working, managing employees, and serving customers. They are making bigger moves toward the cloud, e-commerce, digital supply chains, artificial intelligence (AI) and machine learning (ML), data analytics, and other areas that can deliver efficiency and innovation. At the same time, enterprises are trying to manage risk — and the same digital initiatives that create new opportunities can also lead to risks such as security breaches, regulatory compliance failures, and other setbacks. The result is an ongoing conflict between the need to innovate and the need to mitigate risk.
Though some things have been tedious and slow during the COVID Era, the future happened really fast. Specifically, the future of how we buy things. As Benedict Evans, an analyst (and former Andreessen Horowitz investor) who runs a popular weekly newsletter, called out, over the past three quarters U.S. e-commerce has grown as much as it normally would in three years. That's a blistering pace and, importantly, it's not merely helping those retailers and restaurants that have traditionally focused online. No, retail and restaurants in general are embracing digital extraordinarily fast. Why? Because transformation is better than extinction.
The Florida state legislature is considering a sweeping data privacy bill introduced by Governor Ron DeSantis in February. House Bill 969 is the latest state provision to follow in the footsteps of the California Consumer Privacy Act (CCPA), the California Privacy Rights Act and the Virginia Consumer Data Protection Act, in giving consumers greater control over how their personal information is used while imposing greater restrictions on companies’ use of that data.
Nutanix announced the global public sector industry findings of its report, measuring organizations’ plans for adopting a private, hybrid and public cloud. The findings point to a concentrated modernization effort throughout the sector over the past few months, with 70% of respondents saying COVID-19 has caused IT to be viewed more strategically in their organizations. This COVID-19-spurred push is especially notable, given that the public sector has struggled with IT modernization efforts.
A new report conducted by Dimensional Research revealed that 32% of enterprises experienced unauthorized access to cloud resources, and another 19% were unaware if unauthorized access occurred. This was found to be largely driven by poor enforcement of identity and access management (IAM) policies in the cloud.
Artificial intelligence is becoming a true industry, with all the pluses and minuses that entails, according to a sweeping new report. AI is now in nearly every area of business, with the pandemic pushing even more investment in drug design and medicine. But as the technology matures, challenges around ethics and diversity grow. This morning, the Stanford Institute for Human-Centered Artificial Intelligence (HAI) released its annual AI Index, a top overview of the current state of the field.
Malaysia Airlines recently disclosed suffering from a nine-year data breach; the breach possibly exposed the personal information of members in its Enrich frequent flyer program. According to reports, the breach occurred due to a third-party IT service provider. At this time, it remains unknown how many Enrich users were affected by the breach.
Gov. Ralph Northam signed the Customer Data Protection Act (CDPA) into law on Tuesday, making Virginia the second state in the nation to pass a comprehensive privacy regulation after California. In a statement, David Marsden, the state senator who originally introduced the bill, called the move “a huge step forward.”
On Feb. 10, 2021, Acting Federal Trade Commission (FTC) Chairwoman Rebecca Kelly Slaughter offered a glimpse of where the FTC may be headed under the Biden administration and confirmed that privacy remains among the Commission’s top priorities. In her keynote address to the Future of Privacy Forum, Slaughter shared her views on the FTC’s role in privacy and data security, and her priorities for the coming years.
The malware attack perpetrated by Russian operatives against company systems may prompt new federal regulations around when and how technology companies report data breach incidents. One of the lesser-known aspects of the SolarWinds hack that lawmakers and top U.S. cybersecurity officials are grappling with is figuring out how many American companies and federal agencies have been affected.
It’s got $100 million, loads of personal data, questionable privacy practices, and no CSO: What enterprise security needs to know before employees join hot new social app Clubhouse. Social media app Clubhouse has been on the market for less than one year and it’s already facing privacy-related court filings and fallout from a user data leak that has been exploited, in which a user recorded and shared private conversations, user login information, and metadata to another website.
Though some things have been tedious and slow during the COVID Era, the future happened really fast. Specifically, the future of how we buy things. As Benedict Evans, an analyst (and former Andreessen Horowitz investor) who runs a popular weekly newsletter, called out, over the past three quarters U.S. e-commerce has grown as much as it normally would in three years. That's a blistering pace and, importantly, it's not merely helping those retailers and restaurants that have traditionally focused online. No, retail and restaurants in general are embracing digital extraordinarily fast. Why? Because transformation is better than extinction.
Air transport IT supplier SITA has said that hundreds of thousands of passengers have had their data stolen following a cyber attack on its systems. SITA, which services roughly 90% of the airline industry, announced on Thursday that it suffered a data breach on 24 February involving a portion of passenger data stored on its servers. The compromised servers in question operate passenger processing systems on behalf of airlines including those comprising the Star Alliance group.
For decades, the US government has let the private sector and the free market do their thing, betting this is the surest way to spur innovation and conjure up the advances needed to keep the American economy on top of the world. Now, with China ascendant, the approach is starting to change. Washington is taking baby steps towards something closer to central planning—seeking to inspire, guide, and protect advances in key areas like artificial intelligence, biotechnology, and quantum computing.
There is ample opportunity for financial institutions to harness the power of AI to build more meaningful connections and experiences with customers — vastly improving both retention and acquisition, according to research findings released by NTT DATA. In the global study, customers provide striking testimony about what they would like their financial institutions to provide for them.
Google has outlined how the company handles customer data in response to a Dutch data protection assessment. Launched in October, Google Workspace is an enterprise suite for applications including Gmail, Meet, Drive, and Sheets, software that can be useful for businesses currently adopting work from home or hybrid workplace models.
What does edge computing do for your hybrid cloud strategy, and what does edge server architecture look like in action? Edge computing and cloud computing have a natural relationship with each other: Think of the edge as an extension of cloud, and especially hybrid cloud infrastructure. You can also think of the relationship as bi-directional: Core cloud resources can move out to the edge when and where needed, and the edge can flow back to your core infrastructure when that makes sense.
The Virginia General Assembly is advancing legislation that allows Virginia consumers more protection with their online data, though opponents say the measure does not include the ability for people to file private lawsuits against companies that breach the proposed law.The measure is known as the Consumer Data Protection Act in both chambers of the state legislature.
It’s clear that artificial intelligence is powerful and cost-effective in the public cloud. However, it can be weaponized for unethical tasks. Researchers have discovered a challenge presented by the AI-powered speech generator GPT-2, released by OpenAI in 2019. The AI research lab’s chat tool excited the tech community with its capability of generating convincingly coherent language from any type of input. Shortly after GPT-2’s creation, observers warned that the powerful natural language processing algorithm wasn’t as innocuous as people thought.
Organizations of all sizes have adopted cloud strategies to varying degrees. While beneficial in many ways, the cloud also has its risks, which organizations should fully assess before placing assets there. In this comprehensive guide, complete with links to more information, we lay out the challenges in securing the cloud environment as well as how to develop best practices for managing cloud security.
Over the last decade there has been a reckoning over how digital companies collect personal data, what they do with it, and whether or not they’re capable of protecting it. Online data collection is still not regulated at the federal level in the U.S. But states are slowly embracing policies to ensure that digital companies protect their users—or at least introduce more transparency.
Digital fraud is one of the most pressing issues facing the banking sector, with fraudsters deploying a vast array of methods to target financial institutions (FIs) and their customers. Loan fraud complaints totaled 17,349 in Q1 2020 compared to 4,416 complaints during the same period in 2015, a 752 percent increase. Instances of credit card fraud jumped from 17,236 in Q1 2015 to 45,120 during the same quarter last year, a 436 percent increase. Financial fraud as a whole rose by 434 percent during this five-year period, including a 104 percent jump between Q1 2019 and Q1 2020.
Cybersecurity audit fatigue has become a very real issue for organizations that are required to comply with multiple government, industry, and internal requirements. In recent years, concerns over data breaches and privacy violations have spawned a bewildering array of regulations—all with similar goals but subtle differences in scope and in what they require organizations to do and provide by way of compliance evidence. The requirements have left security teams duplicating efforts and almost constantly engaged in audits rather than on their core functions.
With more remote workers, there is a greater need for cloud computing services. With more cloud computing, there is a greater need for cloud security. An Exabeam study found that companies are moving their security tools to the cloud, but that raises the question: Are they right tools for cloud security? Or are companies under-investing in their cloud security systems?
Cloud adoption was already a safe bet in 2020, but the pandemic drove a rapid acceleration of this trend last year. Enterprises’ average cloud spend went up 59% from 2018, according to IDG’s 2020 State of Cloud report. That same report found that security is the greatest obstacle organizations are facing when attempting to take full advantage of this booming resource. The (ISC)² report also found that 82% of organizations say traditional security solutions either don’t work at all in cloud environments or have only limited functionality (a notable decrease from the previous year’s survey response of 66%). So how do you maintain security when your workloads are in the cloud?
The European Commission, the EU’s executive arm, said Friday it started the process of adopting a pair of so-called adequacy decisions endorsing U.K. privacy protections. The measures, which still need the approval of EU governments, would allow companies to continue shipping data between the U.K. and the now 27-nation bloc.
Governments and technology companies are increasingly collecting vast amounts of personal data, prompting new laws, myriad investigations and calls for stricter regulation to protect individual privacy. Yet despite these issues, economics tells us that society needs more data sharing rather than less, because the benefits of publicly available data often outweigh the costs.
The states are moving much quicker than Congress on privacy, taxes and content moderation. When critics say that Virginia's new privacy bill is "industry-approved," they're not totally wrong, said David Marsden, the state senator who has been working for months to shepherd the law through the state legislature. It was an Amazon lobbyist who originally presented Marsden with the text of the bill, which hews closely to the failed Washington Privacy Act, versions of which have been pushed by Microsoft across the country.
A growing mosaic of state-level internet privacy proposals in lieu of a nationwide framework could provide new protections for consumers and additional question marks for businesses. Lawmakers in Virginia are nearing passage of data protection legislation in a rapid-fire legislative session slated to conclude this month. Washington state officials are considering compromises over enforcement of a potential privacy law for the third time. States including New York, Minnesota, Oklahoma and Florida are pushing ahead with similar proposals of their own.
State legislatures wasted no time in the beginning of 2021, introducing a myriad of privacy bills aimed at providing greater regulation over the collection and use of consumers’ sensitive personal data. Virginia sped through the legislative process after introducing its Virginia Consumer Data Protection Act (CDPA) at the start of the year, the first consumer privacy bill passed into law in 2021. With the CDPA, Virginia would become the second state in the nation to put in place a comprehensive consumer privacy law. It follows California’s 2018 enactment of its game-changing California Consumer Privacy Act (CCPA), which went into effect in early 2020. Importantly, the overwhelming support received for the enactment of the CDPA provides a strong indication that 2021 may bring with it greater regulation over the use of consumer data across the US.
The shift to cloud computing has been one of the most significant tech trends of the past few years. While it used to be the norm for companies to own and operate their own data centers, the amount of business software running on traditional servers is set to shrink to 32% of all enterprise applications by 2022, roughly half what it was in 2019...Moving to the cloud can create a host of benefits for companies, including slashed IT costs, more flexibility, increased efficiency, improved security, boosted performance, and the potential for innovation and developing new capabilities.
Encryption is a core tenet for cybersecurity. Attackers can't steal data that's encrypted. No matter what Hollywood says, there's no way for a hacker to get through one layer of good encryption, much less "several layers of encryption." But encryption comes with a lot of challenges. In a survey last fall by the Cyber Security Competency Group, 66 percent of respondents said that the management of encryption keys was either a "big" or "medium" challenge for their companies.
With so many organizations relying on cloud computing, keeping data protected while using cloud services has become a high priority. Yet, even though there is a greater emphasis on overall cybersecurity for the cloud, data privacy has been slower to evolve. That could be for any number of reasons – the emphasis on data privacy is a rising issue, but privacy regulations are more like alphabet soup than a well-coordinated effort; staff either aren’t trained on data privacy or think that if good security solutions are in place, data privacy takes care of itself.
Startpage announced results of its survey exploring the attitudes of Americans towards protecting their own privacy online. The results found a gap between the high levels of online privacy awareness and concern respondents report, and the low levels of action they take to combat increasingly egregious assaults on their privacy.