Data collection, Government and Technology

AI Governance

Centraleyes

MAY 27, 2024

What is the Centraleyes AI Governance Framework? The AI Governance assessment, created by the Analyst Team at Centraleyes, is designed to fill a critical gap for organizations that use pre-made or built-in AI tools. What are the requirements for AI Governance? The primary goals of the AI Governance assessment are threefold.

Government

Government Risk Technology Data collection

New survey shows US adults split on COVID-19 cell phone tracking and data collection

Tech Republic Security

MAY 8, 2020

Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns.

Data collection

Data collection Government Technology

OpenAI Is Not Training on Your Dropbox Documents—Today

Schneier on Security

DECEMBER 19, 2023

A society where big companies tell blatant lies about how they are handling our data—and get away with it without consequences—is a very unhealthy society. A key role of government is to prevent this from happening. ” These foundation models want our data. The corporations that have our data want the money.

Government

Government Banking Risk Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

ISO 42001

Centraleyes

MARCH 27, 2024

Artificial intelligence (AI) has emerged as a transformative technology, imbuing machines with human-like intelligence to perform tasks across various domains. However, with its exponential growth comes a pressing need for governance and regulation to ensure its responsible and ethical deployment. What is ISO 42001 (AI)?

Artificial Intelligence

Artificial Intelligence Risk Data collection Technology

Microsoft AI “Recall” feature records everything, secures far less

Malwarebytes

MAY 22, 2024

On Monday, the computing giant unveiled a new line of PCs that integrate Artificial Intelligence (AI) technology to promise faster speeds, enhanced productivity, and a powerful data collection and search tool that screenshots a device’s activity—including password entry—every few seconds.

Artificial Intelligence

Artificial Intelligence Passwords Accountability Media

NIST Report Highlights Rising Tide of Threats Facing AI Systems

SecureWorld News

JANUARY 17, 2024

Artificial intelligence (AI) promises to transform major sectors like healthcare, transportation, finance, and government over the coming years. National Institute of Standards and Technology (NIST). Continuous risk assessment and governance throughout the AI system lifecycle remains essential.

Artificial Intelligence

Artificial Intelligence Data collection Architecture Healthcare

China Data Security Law bars online companies with 1 million users

CyberSecurity Insiders

JANUARY 4, 2022

In simple words, online companies that have over one million users should go through a data processing activity taken up by Cyberspace Administration of China where it needs to submit details on how it collects, stores, uses, processes, transmits and discloses data to other governments when the need arises.

Data collection

Data collection Government Advertising Network Security

5G Security

Schneier on Security

JANUARY 14, 2020

Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. The technology will quickly become critical national infrastructure, and security problems will become life-threatening. What's more, U.S.

Data collection

Data collection Software Marketing Government

What’s in the NIST Privacy Framework 1.1?

Centraleyes

MARCH 14, 2024

The National Institute of Standards and Technology (NIST) plans to update the Privacy Framework to Version 1.1. However, in response to recent developments in information technology, including the release of NIST’s AI Risk Management Framework (AI RMF) and the initiation of an update to NIST’s Cybersecurity Framework (CSF) to Version 2.0,

Government

Government Risk Artificial Intelligence Cybersecurity

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

It's also why the United States has blocked the cybersecurity company Kaspersky from selling its Russian-made antivirus products to US government agencies. Meanwhile, the chairman of China's technology giant Huawei has pointed to NSA spying disclosed by Edward Snowden as a reason to mistrust US technology companies.

Surveillance

Surveillance Wireless Government Internet

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

SEPTEMBER 9, 2019

Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. government IT contractor that does business with more than 20 federal agencies, including several branches of the military.

Cybercrime

Cybercrime Government Data collection Internet

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

The Last Watchdog

DECEMBER 7, 2021

Without much fanfare, digital twins have established themselves as key cogs of modern technology. Related: Leveraging the full potential of data lakes. A digital twin is a virtual duplicate of a physical entity or a process — created by extrapolating data collected from live settings. This is very exciting stuff.

Engineering

Engineering Data collection Artificial Intelligence Technology

Europe Makes First Move Toward Regulating AI with EU AI Act

SecureWorld News

JUNE 16, 2023

The EU is attempting to provide guardrails on a technology that is still not well understood but does present a lot of concerns from a legal perspective," said Jordan Fischer, cyber attorney and partner at Constangy, who recently moderated a panel discussion on "The Future of Privacy and Cyber: AI, Quantum and Mind Readers" at SecureWorld Chicago.

Artificial Intelligence

Artificial Intelligence Technology CISO Government

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

The Last Watchdog

JUNE 13, 2022

Among them: an expanding digital footprint, growing attack surfaces, and increasing government regulation. Still, given the impact data science has had on other areas of software development, it seems likely that in the coming years one or more of these proposed solutions will yield a significant improvement in identity management systems.

Cybersecurity

Cybersecurity Artificial Intelligence Software Marketing

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

The Last Watchdog

JANUARY 23, 2024

Through Data Privacy Week we hope to inspire better data stewardship and empower people to reclaim control of their digital footprints, balancing innovation with privacy.” This even includes information about a person’s physical well-being, like health data from apps. Give Data Brokers the Slip!

Data privacy

Data privacy Education Artificial Intelligence Cybersecurity

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Security Affairs

JUNE 19, 2021

The security breach took place on on May 14, and the institute discovered it only on May 31, then the research institute reported the incident to the government and launched an investigation. Early this month, researchers from Malwarebytes published a report on the Kimsuky APT’s operations aimed at South Korean government.

Hacking

Hacking VPN Internet Internet

China setting up data traps says UK

CyberSecurity Insiders

DECEMBER 1, 2021

UK’s top intelligence agency MI6 has made an astonishing revelation yesterday, saying that the Chinese intelligence has set up data and dept traps to conquer the entire world by conducting espionage and indulging in extortion tactics later. The post China setting up data traps says UK appeared first on Cybersecurity Insiders.

Artificial Intelligence

Artificial Intelligence Data collection IoT Cyber Attacks

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

The Last Watchdog

NOVEMBER 21, 2018

These regulations have certainly contributed to the movement towards consumerism and prompted businesses in the United States to rethink data collection and management, considering how violating these regulations could adversely affect their business and brand. For many, the answer is yes. If the U.S.

Data privacy

Data privacy Data collection Big data Government

China-linked hackers target telcos to steal 5G secrets

Security Affairs

MARCH 17, 2021

Chinese-language threat actors are targeting telecom companies, as part of a cyber espionage campaign tracked as ‘Operation Diànxùn,’ to steal sensitive data and trade secrets tied to 5G technology. Hackers behind these campaigns are targering people working in the telecom industry.

Malware

Malware Data collection Technology Phishing

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

The Better Outcomes Registry & Network (BORN) is a program and database used in the healthcare sector, particularly in maternal and child health, to collect, manage, and analyze health information for the purpose of improving patient outcomes and healthcare services. million people.

Data breaches

Data breaches Healthcare Ransomware Hacking

Privacy predictions 2022

SecureList

NOVEMBER 23, 2021

Global connectivity underpins the most basic functions of our society, such as logistics, government services and banking. Governments in many countries push for easier identification of Internet users to fight cybercrime, as well as “traditional” crime coordinated online.

Government

Government Internet Internet Technology

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Security Affairs

JUNE 21, 2019

Turla (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ), has been active since at least 2007 targeting government organizations and private businesses. The three recent Turla campaigns targeted governments and international organizations worldwide.

Government

Government Advertising Hacking Data collection

The Ultimate ESG Audits Checklist

Centraleyes

NOVEMBER 20, 2023

ESG Disclosures According to the annual survey of sustainability professionals conducted by WSJ Pro in the spring of 2023, nearly 66% of respondents indicated that their respective companies disclosed information about environmental, social, and governance strategies. ESG Audit Checklist 1.

Government

Government Energy and Utilities Risk Technology

Navigating the Digital Landscape: Insights from the 2024 Thales Digital Trust Index

Thales Cloud Protection & Licensing

FEBRUARY 7, 2024

Consumer Expectations Privacy Rights and Seamless Online Experiences An overwhelming 87% of consumers expect privacy rights from online interactions, with the most significant expectations being the right to be informed about data collection (55%) and the right to data erasure (53%).

Media

Media Passwords Authentication Digital transformation

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

The Last Watchdog

JULY 27, 2020

Either way, a singular piece of technology – artificial intelligence (AI) — is destined to profoundly influence which way we go from here. At the moment, there’s little to constrain corporations or government agencies from using AI however they want. based Hypergiant Industries, a supplier of AI technologies.

Surveillance

Surveillance Government Accountability Artificial Intelligence

Defining Good: A Strategic Approach to API Risk Reduction

Security Boulevard

JANUARY 18, 2024

Unfortunately, the security challenges associated with APIs can't be solved by simply updating existing testing tools and edge security defenses to check-the-box technologies that claim to provide "API security." API posture governance is foundational to behavioral threat protection. Assessing compliance with good.

Risk

Risk Government Artificial Intelligence Threat Detection

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

The Last Watchdog

APRIL 9, 2020

Data collected by IoT devices will increasingly get ingested into cloud-centric networks where it will get crunched by virtual servers. And industry groups and government regulators are stepping up efforts to incentivize IoT device makers to embed security at the device level. There’s no stopping the Internet of Things now.

Internet

Internet Internet IoT Technology

Supply Chain Security 101: An Expert’s View

Krebs on Security

OCTOBER 12, 2018

— had allegedly inserted hardware backdoors in technology sold to a number of American companies. Sager said he hadn’t heard anything about Supermicro specifically, but we chatted at length about the challenges of policing the technology supply chain. Below are some excerpts from our conversation. TS: Exactly.

Computers and Electronics

Computers and Electronics Internet Internet Technology

Consent to gather data is a "misguided" solution, study reveals

Malwarebytes

FEBRUARY 13, 2023

When faced with technologies that are increasingly critical for navigating modern life, users often lack a real set of alternatives and cannot reasonably forgo using these tools," said Lina M. A person must also believe that companies will give them the freedom to decide whether to give up their data and when, Levine said.

Data collection

Data collection Insurance Technology Risk

Addressing the Unique Obstacles in Healthcare Through Policy-Based Access Control

CyberSecurity Insiders

OCTOBER 19, 2022

In particular, the need for smart technology that manages who can access what and when is at high demand within the healthcare industry. Data’s Lifetime Impact. The impact of valuable data isn’t lost on healthcare organizations, but the challenge they face is how to use data for future use.

Healthcare

Healthcare Data collection Data privacy Technology

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

SecureWorld News

APRIL 29, 2024

"The presence of third-party trackers belonging to advertisers, and the over-sharing of customer information with these trackers, is a pervasive problem in both health tech and government space," said Narayana Pappu, CEO at Zendata. Protecting your information online starts with good cyber hygiene.

Data breaches

Data breaches Healthcare Identity Theft Advertising

How to Manage IAM Compliance and Audits

Centraleyes

MAY 20, 2024

It’s hard to tell a hacker from a legitimate user’s behavior using regular security procedures and technologies. The assessment takes into account governance, security, and identity management challenges. Your IAM security strategy should consider current technologies and any IAM systems you want to adopt.

Data breaches

Data breaches Accountability Authentication Healthcare

Left of SIEM? Right of SIEM? Get It Right!

Security Boulevard

JANUARY 12, 2022

In my opinion, this approach will help make your SIEM operation more effective and will help you avoid some still-not-dead misconceptions about this technology. Mostly data collection. Data collection sounds conceptually simple, but operationally it is still very difficult for many organizations. LEFT OF SIEM.

Data collection

Data collection Architecture Software Media

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Nickel’s techniques vary, but in the end the group’s activity has only one objective, namely to implant stealthy malware for getting into networks, stealing data, and spying on government agencies, think tanks, and human rights organizations. A long list of IOCs can be found at the end of this write-up about Nickel by MSTIC.

Hacking

Hacking Malware Surveillance Data collection

The Best 10 Vendor Risk Management Tools

Centraleyes

MARCH 25, 2024

Centraleyes collects real-time threat intelligence from various sources, providing unparalleled visibility into potential vulnerabilities and gaps. The platform goes beyond data collection by automatically generating actionable remediation tasks with intelligent prioritization and efficient management.

Risk

Risk Data collection Architecture Government

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

The Last Watchdog

DECEMBER 6, 2018

Businesses at large would do well to model their data collection and security processes after what the IC refers to as the “intelligence cycle.” This cycle takes a holistic approach to detecting and deterring external threats and enforcing best-of-class data governance procedures. infrastructure from cyber attacks.

Financial Services

Financial Services Data collection Manufacturing Cyber Attacks

Key Aspects of Data Access Governance in Compliance and Auditing

Centraleyes

MAY 23, 2024

What is Data Access Governance? 80% of digital organizations will fail because they don’t take a modern approach to data governance. Gartner) Data is widely recognized as the most valuable business asset. Data access governance is a subset of data governance.

Government

Government Backups Data privacy Accountability

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Nickel’s techniques vary, but in the end the group’s activity has only one objective, namely to implant stealthy malware for getting into networks, stealing data, and spying on government agencies, think tanks, and human rights organizations. A long list of IOCs can be found at the end of this write-up about Nickel by MSTIC.

Hacking

Hacking Malware Surveillance Data collection

Google to pay $40m for "deceptive and unfair" location tracking practices

Malwarebytes

MAY 23, 2023

Practices highlighted included “hard to find” location settings, misleading descriptions of location settings, and “repeated nudging” to enable location settings alongside incomplete disclosures of Google’s location data collection.

Advertising

Advertising Accountability Data collection Engineering

Coffee app in hot water for constant tracking of user location

Malwarebytes

JUNE 8, 2022

In reality, this level of data collection is not as uncommon as is being suggested. The app collects how much data? If you’re unfamiliar with how this technology typically operates, here’s a brief rundown: You enable Bluetooth on your phone. That’s one theory, anyway. That was expected behaviour.

Mobile

Mobile Data collection Advertising Marketing

Regional privacy but global clouds. How to manage this complexity?

Thales Cloud Protection & Licensing

MAY 31, 2022

More than 120 governments have already implemented data privacy regulation to that very purpose, as stated in Recital 1 of the GDPR in the EU (General Data Protection Regulation). Data controllers are accountable to the persons (consumers, citizens) or other organisations (customers) they serve as part of their purpose.

Data privacy

Data privacy Digital transformation Accountability Data collection

Volt Typhoon Disrupts US Organizations, CISA Issues Alerts

eSecurity Planet

FEBRUARY 16, 2024

government and defense institutions for intelligence gathering. Attacks on telecom corporations, government institutions, and utilities then followed in a predictable pattern. Reconnaissance Reconnaissance is the starting point of Volt Typhoon’s cyber campaign, characterized by thorough planning and data collection.

Internet

Internet Internet Cybersecurity Network Security

FBI: Cybercrime Shot Up in 2020 Amidst Pandemic

CyberSecurity Insiders

APRIL 12, 2021

billion in losses, according to data collected by the FBI’s The Internet Complaint Center (IC3). One of the most prevalent schemes seen during the pandemic has been government impersonators. Criminals are reaching out to people through social media, emails, or phone calls pretending to be from the government.

Cybercrime

Cybercrime Internet Internet Small Business

How we can secure the future of healthcare and telemedicine

CyberSecurity Insiders

MAY 14, 2021

These digital health technologies can improve access to health services, reduce costs, improve quality of care and enhance the efficiency of health systems. While the concept of telemedicine isn’t exactly new per se , the COVID-19 pandemic has really put the technology front and centre.

Healthcare

Healthcare IoT Technology Data collection

AI Governance

New survey shows US adults split on COVID-19 cell phone tracking and data collection

Webinars

Trending Sources

OpenAI Is Not Training on Your Dropbox Documents—Today

Webinars

ISO 42001

Microsoft AI “Recall” feature records everything, secures far less

NIST Report Highlights Rising Tide of Threats Facing AI Systems

China Data Security Law bars online companies with 1 million users

5G Security

What’s in the NIST Privacy Framework 1.1?

On Chinese "Spy Trains"

Secret Service Investigates Breach at U.S. Govt IT Contractor

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

Europe Makes First Move Toward Regulating AI with EU AI Act

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

China setting up data traps says UK

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

China-linked hackers target telcos to steal 5G secrets

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Privacy predictions 2022

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

The Ultimate ESG Audits Checklist

Navigating the Digital Landscape: Insights from the 2024 Thales Digital Trust Index

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

Defining Good: A Strategic Approach to API Risk Reduction

MY TAKE: ‘Network Detection and Response’ emerges as an Internet of Things security stopgap

Supply Chain Security 101: An Expert’s View

Consent to gather data is a "misguided" solution, study reveals

Addressing the Unique Obstacles in Healthcare Through Policy-Based Access Control

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

How to Manage IAM Compliance and Audits

Left of SIEM? Right of SIEM? Get It Right!

A chink in the armor of China-based hacking group Nickel

The Best 10 Vendor Risk Management Tools

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

Key Aspects of Data Access Governance in Compliance and Auditing

Microsoft disrupts China-based hacking group Nickel

Google to pay $40m for "deceptive and unfair" location tracking practices

Coffee app in hot water for constant tracking of user location

Regional privacy but global clouds. How to manage this complexity?

Volt Typhoon Disrupts US Organizations, CISA Issues Alerts

FBI: Cybercrime Shot Up in 2020 Amidst Pandemic

How we can secure the future of healthcare and telemedicine

Stay Connected