Tag: GDPR
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
Clearview AI faces criminal heat for ignoring EU data fines
Noyb says New York-based facial recognition biz flouted GDPR orders and kept scraping anyway First seen on theregister.com Jump to article: www.theregister.com/2025/10/28/noyb_criminal_charges_clearview/
-
Volvo’s recent security breach: 5 tips to speed incident response while preserving forensic integrity
Tags: access, automation, breach, business, cio, ciso, cloud, compliance, control, cyber, cybersecurity, data, data-breach, detection, endpoint, finance, framework, gartner, GDPR, guide, incident, incident response, insurance, metric, mitigation, nist, resilience, risk, risk-management, saas, security-incident, siem, soar, supply-chain, vulnerabilityIdentify and catalog your evidence sources in advance (endpoints, memory, logs, cloud assets)Stage scripts or agents that can snapshot memory and archive logs immediately when an IR trigger firesMake forensic collection part of containment, not something you tack on afterwardModern approaches and even NIST’s updated guidance emphasize that evidence gathering should begin during, not after,…
-
Volvo’s recent security breach: 5 tips to speed incident response while preserving forensic integrity
Tags: access, automation, breach, business, cio, ciso, cloud, compliance, control, cyber, cybersecurity, data, data-breach, detection, endpoint, finance, framework, gartner, GDPR, guide, incident, incident response, insurance, metric, mitigation, nist, resilience, risk, risk-management, saas, security-incident, siem, soar, supply-chain, vulnerabilityIdentify and catalog your evidence sources in advance (endpoints, memory, logs, cloud assets)Stage scripts or agents that can snapshot memory and archive logs immediately when an IR trigger firesMake forensic collection part of containment, not something you tack on afterwardModern approaches and even NIST’s updated guidance emphasize that evidence gathering should begin during, not after,…
-
Ransomware recovery perils: 40% of paying victims still lose their data
Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, updateAdditional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
-
Ransomware recovery perils: 40% of paying victims still lose their data
Tags: access, attack, authentication, backup, breach, business, ceo, crypto, cyber, cybersecurity, data, data-breach, encryption, extortion, finance, GDPR, group, incident response, insurance, leak, mfa, privacy, ransom, ransomware, resilience, risk, risk-management, service, threat, updateAdditional recovery pressures: Modern ransomware attacks now routinely involve double or triple extortion whereby attackers threaten to leak stolen data or launch distributed denial of service (DDoS) attacks even after payment.This fundamentally changes the calculus on what victims can expect in cases where they decide to make a ransomware payment, which more often than not…
-
Experian Fined Euro2.7m For GDPR Breach in Netherlands
The Dutch Data Protection Authority issued Experian a Euro2.7m for GDPR violations including excessive collection of personal data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/experian-fined-gdpr-breach/
-
What Is Shadow AI and Why It Matters? FireTail Blog
Tags: access, ai, breach, business, chatgpt, compliance, data, email, framework, GDPR, governance, leak, monitoring, nist, office, regulation, risk, technology, tool, trainingOct 16, 2025 – Alan Fagan – What Is Shadow AI and Why It Matters – FireTail Blog Quick Facts: Shadow AI Shadow AI is when employees use AI tools within an organization without IT or compliance approval. Shadow AI often leads to data leaks, compliance gaps, and security risks. Examples include entering sensitive data…
-
What Is Shadow AI and Why It Matters? FireTail Blog
Tags: access, ai, breach, business, chatgpt, compliance, data, email, framework, GDPR, governance, leak, monitoring, nist, office, regulation, risk, technology, tool, trainingOct 16, 2025 – Alan Fagan – What Is Shadow AI and Why It Matters – FireTail Blog Quick Facts: Shadow AI Shadow AI is when employees use AI tools within an organization without IT or compliance approval. Shadow AI often leads to data leaks, compliance gaps, and security risks. Examples include entering sensitive data…
-
Sovereign Data, Sovereign Access: Introducing Modern FIDO Authentication for SAS PCE
Sovereign Data, Sovereign Access: Introducing Modern FIDO Authentication for SAS PCE andrew.gertz@t“¦ Mon, 10/13/2025 – 14:53 Discover how Thales empowers enterprises with sovereign access through FIDO authentication in SAS PCE”, ensuring secure, phishing-resistant identity control for hybrid environments. Identity & Access Management Access Control Guido Gerrits – Field Channel Director, EMEA More About This Author…
-
Microsoft ‘illegally’ tracked students via 365 Education, says data watchdog
Redmond argued schools, education authorities are responsible for GDPR First seen on theregister.com Jump to article: www.theregister.com/2025/10/13/microsoft_365_education_gdpr/
-
The CIA triad is dead, stop using a Cold War relic to fight 21st century threats
Tags: ai, backup, breach, business, ceo, ciso, compliance, csf, cyber, cybersecurity, data, data-breach, deep-fake, firewall, framework, fraud, GDPR, governance, infrastructure, ISO-27001, nist, privacy, ransomware, regulation, resilience, sbom, software, supply-chain, technology, threat, zero-trustRansomware is not just an availability problem. Treating ransomware as a simple “availability” failure misses the point. Being “up” or “down” is irrelevant when your systems are locked and business halted. What matters is resilience: the engineered ability to absorb damage, fail gracefully, and restore from immutable backups. Availability is binary; resilience is survival. Without…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Thales Named a Leader in the Data Security Posture Management Market
Tags: access, ai, attack, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, defense, detection, encryption, finance, GDPR, google, Hardware, identity, intelligence, law, microsoft, monitoring, network, office, privacy, regulation, resilience, risk, soc, software, strategy, technology, threat, toolThales Named a Leader in the Data Security Posture Management Market madhav Thu, 09/25/2025 – 06:15 Most breaches begin with the same blind spot: organizations don’t know precisely what data they hold, or how exposed it is. Value and risk sit side by side. Data Security Todd Moore – Global VP of Data Security Products…
-
Top 10 Best Cybersecurity Compliance Management Software in 2025
Cybersecurity compliance has become a mission-critical part of modern business operations. With the rise of data privacy laws, global regulations, and increasing cyber threats, organizations need reliable compliance management software to stay secure and audit-ready. The best compliance platforms streamline frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and more while automating workflows,…
-
Turning Regulation Into an Industry Advantage
Resilionix’s Heather Lowrie on Embracing GDPR as Tool for Change and Resilience. In a modern regulatory environment, compliance is no longer just an exercise in ticking off boxes. Thanks to GDPR, financial services firms are shifting from a reactive mindset to a more proactive approach to compliance that focuses on risk management, said Heather Lowrie,…
-
Beyond GDPR security training: Turning regulation into opportunity
Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/beyond-gdpr-security-training-turning-regulation-into-opportunity/
-
Meet the unsung silent hero of cyber resilience you’ve been ignoring
Tags: ai, blockchain, compliance, computing, cyber, cybersecurity, defense, detection, dora, framework, GDPR, governance, infrastructure, iot, monitoring, network, PCI, regulation, resilience, technology, toolFixing this isn’t complicated. It just needs your focused attention: First, secure your sources. Forget public NTP servers from dubious origins. Instead, choose authenticated and secure protocols, such as NTP or Network Time Security (NTS). These protocols offer encrypted and tamper-resistant synchronization, ensuring that your clocks can’t be easily spoofed.Next, redundancy matters. Don’t rely on…
-
Ensuring security in a borderless world: The 30th anniversary of Schengen system
Tags: access, ai, cloud, compliance, computing, control, country, cyber, cybersecurity, data, dora, encryption, framework, GDPR, infrastructure, mfa, network, nis-2, office, privacy, regulation, resilience, technology, tool, update -
Cooking with Code: A DevOps Kitchen Secured by Thales
Tags: access, ai, api, cctv, cloud, compliance, control, data, encryption, GDPR, identity, infrastructure, injection, least-privilege, malicious, mfa, military, monitoring, PCI, service, software, strategy, tool, waf, zero-day, zero-trustCooking with Code: A DevOps Kitchen Secured by Thales madhav Tue, 08/19/2025 – 05:13 In today’s hyperconnected digital world, deploying applications is a lot like running a high-performance, Michelin-star kitchen. You need the right setup, a disciplined process, and seamless coordination, where every tool, role, and task moves in harmony, executed flawlessly. Speed and precision…
-
New State Privacy Laws Going into Effect in 2025: What You Need to Know
Key Takeaways The Patchwork of U.S. Privacy Laws If you’ve been tracking U.S. privacy law, you already know that there’s no single national rulebook. Instead, we’re living in a growing mosaic of state-by-state legislation. Some states aim for GDPR-style rights and transparency. Others focus narrowly on age-appropriate design or limiting targeted ads. Some carve out……
-
8 trends transforming the MDR market today
Tags: access, ai, at&t, attack, automation, breach, cloud, compliance, control, cyber, cybersecurity, data, detection, edr, endpoint, framework, GDPR, google, identity, infrastructure, intelligence, iot, least-privilege, monitoring, mssp, network, nis-2, ransomware, risk, service, siem, soc, sophos, strategy, technology, threat, tool, zero-trustDigital transformation complexifies the attack surface: As businesses modernize their IT environments, the complexity of securing hybrid and cloud-native infrastructures increases, making MDR an attractive option for scalable, expert-led protection, experts say.The shift to hybrid work, IoT adoption, and an increase in cloud migrations have dramatically expanded attack surfaces, while ransomware and AI-powered attacks constantly…
-
GDPR violations prompt Germany to push Google and Apple to ban DeepSeek AI
Germany asked Google and Apple to remove DeepSeek AI from their app stores, citing GDPR violations over unlawful data collection and transfers to China. The Berlin Commissioner for Data Protection requested Google and Appleto remove the DeepSeek AI app from their app stores due to GDPR violations. On May 6, 2025, Berlin’s Data Protection Commissioner…