2018, Data breaches, Data collection and Risk

2018

Data breaches

Data collection

Risk

Fixing Data Breaches Part 2: Data Ownership & Minimisation

Troy Hunt

DECEMBER 19, 2017

Yesterday, I wrote the first part of this 5-part series on fixing data breaches and I focused on education. The next few parts of this series all focus on cures - how do we fix data breaches once bad code has already been written or bad server configurations deployed? Data Collection Should be Minimised, Not Maximisation.

Data breaches

Data breaches Data collection B2B Mobile

The CPRA compliance checklist every business should follow in 2023

CyberSecurity Insiders

MAY 2, 2023

It amends the 2018 California Consumer Privacy Act (CCPA) introduced in response to rising consumer data privacy concerns. It has significantly impacted data collection and handling practices, giving consumers more control over how businesses handle their data. On the other hand, the CPRA relies on opt-out consent.

Data collection

Data collection Data breaches Password Management Data privacy

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

The Last Watchdog

OCTOBER 17, 2022

billion apps in 2021 alone, up more than 47 percent since 2018. This increased demand for apps also raises the need for improved data protection measures, which Google took steps to address with the new data safety section they launched in July 2022. percent) of the apps share user data with third parties.

Data privacy

Data privacy Media Data collection Data breaches

The end looms for Meta's behavioural advertising in Europe

Malwarebytes

AUGUST 4, 2023

After having taken Meta to task for various privacy violations and data breaches, Meta is now having to provide European users with a way to opt out of behavioural advertising. Two complaints from the European Center for Digital Right (NYOB) back in 2018 set the wheels in motion.

Advertising

Advertising Data breaches Data collection Marketing

New ‘digital trust exchange’ removes risks of managing PII of job applicants

SC Magazine

MARCH 30, 2021

In addition… you’ve got probably 3,000 pages of regulation of what the second party (the employer) and the third party (the credit bureau or background checking service) can and cannot do [with the data]… It’s a regulatory mess, and a huge liability risk for the employer or the institution that requested your information.

Risk

Risk Encryption Education Media

AON ACQUIRES CYTELLIGENCE, A LEADING INTERNATIONAL CYBER SECURITY FIRM WITH DEEP EXPERTISE IN CYBER INCIDENT RESPONSE AND DIGITAL FORENSIC INVESTIGATIONS

Cytelligence

FEBRUARY 4, 2020

Global cyber insurance premiums are expected to grow from $4 billion in 2018 to $20 billion by 2025. According to Aon’s 2019 Global Risk Management Survey , cyber-attacks were identified as a top ten risk facing organizations and is predicted to be one of the top three risks for organizations in 2022. “As

Penetration Testing

Penetration Testing Insurance Data preservation Cyber Insurance

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

“The attack vector included the scanning and identification of externally facing Mac services to include the Apple Filing Protocol (AFP, port 548), RDP, VNC, SSH (port 22), and Back to My Mac (BTMM), which would be targeted with weak passwords or passwords derived from 3rd party data breaches.”

Malware

Malware Passwords Identity Theft Data collection

Colorado’s new law ups need for privacy awareness training

SC Magazine

JULY 12, 2021

Jared Polis, at the time Colorado’s governor-elect, speaks at a 2018 election night rally. As a significant portion of privacy incidents happen from human error, training is critical to mitigating privacy risk within an organization,” said Berry. Governor Polis last week signed the Colorado Privacy Act into law. Photo by Rick T.

Education

Education Security Awareness Data privacy Social Engineering

What happened in privacy in 2022

Malwarebytes

JANUARY 20, 2023

Period-tracking app users scrambled to find the most secure app online , and one period-tracking app maker promised to encrypt user data so that, even if law enforcement made a request for their data, the data would be unintelligible. In August, the company confirmed a data breach that affected 5.4 million. .”

Data privacy

Data privacy Engineering Encryption Internet

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales Cloud Protection & Licensing

JULY 11, 2019

Since the General Data Protection Regulation (GDPR) took effect on May 25th last year, data protection has become a very hot topic. On May 22, 2019, the European Commission published an infographic on compliance with and enforcement of the GDPR from May 2018 to May 2019 and it is clear that a lot of work still needs to be done.

Risk

Risk Encryption Accountability Government

Expanded New York Data Privacy Laws Loom in 2021

SecureWorld News

JANUARY 26, 2021

As part of the 2021 State of the State address, Governor Andrew Cuomo announced a comprehensive law that "will provide New Yorkers with transparency and control over their personal data and provide new privacy protections.". New York has already had laws on the books related to data security. The likelihood of success.

Data privacy

Data privacy Data collection Data breaches Cybersecurity

Survey Says…Cybersecurity Remains A Critical Challenge For Business

Privacy and Cybersecurity Law

MARCH 23, 2018

On March 14, 2018, IBM Security announced the results of a new global study on organizational cybersecurity readiness and resiliency entitled “The 2018 Cyber Resilient Organization.” These low results for cyber preparedness and resiliency present a significant risk for business.

Cybersecurity

Cybersecurity Artificial Intelligence Data breaches IoT

Cyber Security Informer

Fixing Data Breaches Part 2: Data Ownership & Minimisation

The CPRA compliance checklist every business should follow in 2023

Trending Sources

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

The end looms for Meta's behavioural advertising in Europe

New ‘digital trust exchange’ removes risks of managing PII of job applicants

AON ACQUIRES CYTELLIGENCE, A LEADING INTERNATIONAL CYBER SECURITY FIRM WITH DEEP EXPERTISE IN CYBER INCIDENT RESPONSE AND DIGITAL FORENSIC INVESTIGATIONS

Alleged FruitFly malware creator ruled incompetent to stand trial

Colorado’s new law ups need for privacy awareness training

What happened in privacy in 2022

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Expanded New York Data Privacy Laws Loom in 2021

Survey Says…Cybersecurity Remains A Critical Challenge For Business

Stay Connected