New EU General Data Protection Regulation (GDPR): An IT Security View

The new EU General Data Protection Regulation (GDPR) is the biggest shake-up in privacy legislation and data management approach for many years. It will impact any organisation throughout the world that processes personal data relating to EU citizens. Organisations that breach the regulation can be fined up to four percent of their annual global turnover or […]

The post New EU General Data Protection Regulation (GDPR): An IT Security View appeared first on The State of Security.


Women in Information Security: Keirsten Brager

My interviews with women and non-males in cybersecurity here on The State of Security have been very popular. Last month, when I looked for subjects for the third “Women in Information Security” series, I got an overwhelming response! The first person I interviewed for this next wave of interviews was security engineer Keirsten Brager. We had […]

The post Women in Information Security: Keirsten Brager appeared first on The State of Security.


The Most Egregious Data Breaches of the Last 4 Years

With the slew of massive data breaches in the news recently, like the HBO hacks or the Gmail phishing scam, many businesses may worry that they could be next. And while many breaches are easily preventable, many more are the result of complex, sophisticated cyber attacks that are hard to defend against. As more and […]

The post The Most Egregious Data Breaches of the Last 4 Years appeared first on The State of Security.


Tick, Tock on NIST 800-171 Compliance

If you have contracts with the United States Department of Defense (DoD) or are a subcontractor to a prime contractor with DoD contracts, your organization has until December 31, 2017, to implement NIST SP 800-171. This is a requirement that is stipulated in the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012. In the context of […]

The post Tick, Tock on NIST 800-171 Compliance appeared first on The State of Security.


The HIPAA Compliance and Security Awareness Connection

The federal government continues to make one fact very, very clear: they do not take HIPAA violations lightly. So far this year, the U.S. Department of Health and Human Services’ (HHS) Office of Civil Rights (OCR), which enforces HIPAA rules and tracks health information data breaches, has settled nine HIPAA violation agreements with health care […]

The post The HIPAA Compliance and Security Awareness Connection appeared first on The State of Security.


GDPR Special: Murder on the Data Floor!

As I write this blog post, it’s nine months to the day until the General Data Protection Regulation (GDPR) comes into force in the UK on 25th May 2018. The title of this article works if you know the pop single “Murder on the Dance Floor”! It struck me as surprising when earlier this month, […]

The post GDPR Special: Murder on the Data Floor! appeared first on The State of Security.


August 2017: The Month in Ransomware

Although the ransomware industry has resumed growth after July’s decline, nothing game-changing happened in the online extortion ecosystem last month. There was an influx of new GlobeImposter ransomware variants and real-life spinoffs of the Hidden Tear proof-of-concept. The Locky strain geared up for another rise with its Lukitus persona. And a sample dubbed Defray targeted […]

The post August 2017: The Month in Ransomware appeared first on The State of Security.


Protecting Critical Infrastructure in the Age of IoT

Keeping up with advances in technology is like being a hamster on a wheel: the race never ends. But that drive is ultimately what yields innovative advances in IT – for both hackers and cyber professionals alike. We need to understand that we cannot control this evolution – neither its speed nor progress – but […]

The post Protecting Critical Infrastructure in the Age of IoT appeared first on The State of Security.


The Cloud’s Shared Responsibility Model Explained

Over the past few months, the security industry has witnessed several major cloud data breaches. The Deep Root Analytics leak sent shockwaves across the cybersecurity community in June, as sensitive information on 197 million American voters was exposed. A few weeks later, data on six million Verizon users was exposed by Nice systems, a third-party […]

The post The Cloud’s Shared Responsibility Model Explained appeared first on The State of Security.


Diablo6 Ransomware Virus on the Loose

A ransomware virus is on the loose again! It has been a long time, but it seems that the notorious Locky virus is back with a new alteration. Its latest variant goes under the name .Diablo6 Virus Ransomware; it changes the extension of the files it encrypts to .Diablo6. It has just been freshly unleashed […]

The post Diablo6 Ransomware Virus on the Loose appeared first on The State of Security.
