FORBES: Why CIOs Might Be Thinking About GDPR Compliance All Wrong

-
GDPR Compliance Shutterstock

With the GDPR deadline less than one year away, many CIOs are frantically trying to get their data houses in order. But as IT leaders struggle to put together the many pieces of the GDPR puzzle, it's probable that too many are taking a defense-only approach to compliance. And it’s no wonder: One of the first things to go through my own mind as well with any new regulation is, “What is the shortest path to get the box checked?”

Read more here at Forbes: Why CIOs Might Be Thinking About GDPR Compliance All Wrong
Location: Washington, DC, USA

Popular posts from this blog

The Three Elements of Cyber Security

-
Image
What problem costs $1.6 million, takes 170 days to discover, and requires 45 days to fix? Give up? It’s the average cyber-attack on a business. Is cyber security too expensive? An effective cybersecurity initiative that costs at least a dollar less than $1.6 million is, by definition, cheaper than the alternative. End of discussion. What about the 170 days that a cyber-attack can go undetected? That’s 24 weeks! For comparison, the U.S. Bureau of Labor Statistics says that, as of September 2016, the median job search takes 10.3 weeks. That means you could lose your job, find a new one, lose that job, and find a new one all in the time it takes for the average organization to discover its network has been breached. I didn’t pick the duration of the median job search at random. Among small and medium-sized businesses (SMBs), 60% go out of business within six months of being victimized by a cyber-attack. So if you work at an SMB that is attacked, when you detect the intrusion 170 da...
Read more

Open source components remain vulnerable to malicious or unauthorized activity

-
Image
2017 State of Software Security Report Veracode announced findings from the 2017 State of Software Security Report , a comprehensive review of application security testing data from scans conducted by a base of more than 1,400 customers. Among other industry trends such as vulnerability fix rates and percent of applications with vulnerabilities, the report exposes the pervasive risk from vulnerable open source components. Researchers found that 88 percent of Java applications contain at least one vulnerable component, making them susceptible to widespread attacks. This is in part because fewer than 28 percent of companies conduct regular composition analysis to understand which components are built into their applications. “The universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications – making many of them breachable with a single e...
Read more

From 1 Billion Compromised to 3 Billion? Yep, it's true. The Yahoo! Breach

-
Image
Your Yahoo account was definitely hacked-here's what happened and what to do A massive data breach at Yahoo in 2013 was far more extensive than previously disclosed, affecting every last user, all 3 billion of them. Parent company Verizon Communications Inc. disclosed this news earlier today, Tuesday, October 3, 2017, according to the Wall Street Journal . Here is Insight from Matt O'Brien, AP Contributor for WRAL :  Yahoo: 3 billion accounts breached in 2013. Yes, 3 billion   The breach now affects a number that represents nearly "half the world," said Sam Curry, chief security officer for Boston-based firm Cybereason, though there's likely to be more accounts than actual users. "Whether it's 1 billion or 3 billion is largely immaterial. Assume it affects you," Curry said. "Privacy is really the victim here." Yahoo first disclosed the breach in December . The stolen information included names, email addresses, phone number...
Read more