Data privacy and Risk - Cyber Security Informer

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

It becomes increasingly difficult to gain complete visibility or transparency that could help security and privacy teams discover sensitive data, identify its security and compliance postures, and mitigate risks. To add to the difficulty, the advent of Generative AI (GenAI) has brought unprecedented security and privacy risks.

Data privacy

Data privacy Unstructured Data Risk Data breaches

AI-Powered GRC: Revolutionizing Risk Management and Compliance

SecureWorld News

JANUARY 14, 2025

In the rapidly evolving landscape of corporate governance, risk management, and compliance (GRC), artificial intelligence (AI) has emerged as a game-changing force. This technological leap allows organizations to identify patterns, predict potential risks, and automate routine compliance tasks with remarkable efficiency.

Risk

Risk Artificial Intelligence Data privacy Government

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

JANUARY 9, 2023

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Related: GDPR sets new course for data privacy. Let’s look at some of the challenges faced by SMBs in today’s data privacy landscape.

Data privacy

Data privacy Small Business Data collection Cyber Risk

Taiwan flags security risks in popular Chinese apps after official probe

Security Affairs

JULY 7, 2025

Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. Basic InfoSec Testing Standard, they revealed major issues in personal data collection, permission abuse, and data sharing. Using the v4.0 ” continues the announcement.

Risk

Risk Data collection InfoSec Mobile

Delaware Personal Data Privacy Act (DPDPA)

Centraleyes

NOVEMBER 9, 2024

What is the Delaware Personal Data Privacy Act (DPDPA)? The Delaware Personal Data Privacy Act (DPDPA) is a state law created to protect the privacy of Delaware residents by regulating the collection, use, storage, and sharing of personal data by businesses. Who Must Comply With Delaware’s Privacy Act?

Data privacy

Data privacy Data collection Risk Accountability

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

Security Boulevard

JANUARY 8, 2025

The post Insecure Medical Devices Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard. IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings.

Risk

Risk Social Engineering Internet Internet

23andMe's Collapse Sparks Urgent Data Privacy Reckoning

SecureWorld News

MARCH 25, 2025

The recent bankruptcy of 23andMe, a once-pioneering consumer genetics firm, is sending shockwaves through the cybersecurity and data privacy community. The real risk: corporate collapse For Casey Ellis, founder of Bugcrowd, this isn't just a security storyit's a structural vulnerability in the digital age.

Data privacy

Data privacy Data breaches Passwords Cybersecurity

IBM Addresses AI, Quantum Security Risks with New Platform

Security Boulevard

OCTOBER 23, 2024

IBM is rolling out Guardian Data Security Center, a framework designed to give enterprises the tools they need to address the emerging cyberthreats that come the ongoing development of generative AI and quantum computing. The post IBM Addresses AI, Quantum Security Risks with New Platform appeared first on Security Boulevard.

Risk

Risk Data privacy Mobile Government

5 Best Practices for Data Privacy Compliance

Centraleyes

OCTOBER 28, 2024

With data breaches on the rise— over 3,200 incidents in the U.S. last year alone —businesses are increasingly under pressure to protect personal data and comply with evolving privacy regulations. Best Practices for Data Privacy Compliance Data privacy compliance tools protect sensitive information and build customer trust.

Data privacy

Data privacy Encryption Risk Data breaches

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

The Last Watchdog

JULY 5, 2022

The top reason, chosen from a proved list of ten, was ‘increased cyber security risks’, followed by the related concern, ‘new and/or increased data privacy regulations’. Context of risk. The Ukraine-Russia war is a grim example of geopolitical risk intersecting with cyber security risk. Cyber in a silo?

Cyber Risk

Cyber Risk Risk Marketing Data privacy

OneDrive File Picker Flaw Exposes Cloud Storage to Over-Permission Risks

SecureWorld News

MAY 29, 2025

A new report from Oasis Security reveals a critical security flaw in Microsoft's OneDrive File Picker, exposing users to significant data privacy and access control risks. This creates a window of risk not just for the file shared, but for everything stored in the user's drive.

Risk

Risk Data privacy Accountability Banking

Understanding Cyber Threats During the Holiday Season

Security Boulevard

DECEMBER 22, 2024

Understanding Cyber Threats During the Holiday Season Understanding Cyber Threats During the Holiday Season The holiday season, while festive, presents heightened cybersecurity risks for businesses. Cybercriminals exploit increased online activity and reduced vigilance during this period.

Cyber threats

Cyber threats Data privacy Risk Cybersecurity

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protection has never been more critical. Data Privacy Framework and implementing robust data security practices.

Data privacy

Data privacy Risk Surveillance Government

GUEST ESSAY: 5 tips for ‘de-risking’ work scenarios that require accessing personal data

The Last Watchdog

JANUARY 10, 2022

It’s possible to de-risk work scenarios involving personal data by carrying out a classic risk assessment of an organization’s internal and external infrastructure. Helping ensure data privacy. It is also possible to obfuscate personal data by replacing it with unique identifiers (UID). Randomizing data.

Risk

Risk Encryption Data privacy CISO

Opportunities and risks of AI coding assistants

BH Consulting

DECEMBER 6, 2024

However, a recent joint report by Frances National Cybersecurity Agency (ANSSI) and Germanys Federal Office for Information Security (BSI) highlights crucial security and privacy considerations for organisations adopting AI coding assistants. Developers and security teams should receive specific training on the risks and safe use of AI tools.

Risk

Risk Data privacy Information Security Software

Cybersecurity 2025: The Trends Defining Risk and How to Stay Ahead

Security Boulevard

JUNE 6, 2025

Cybersecurity 2025: The Trends Defining Risk and How to Stay Ahead Cybersecurity 2025: The Trends Defining Risk and How to Stay Ahead The rules of cybersecurity are shifting—again. The post Cybersecurity 2025: The Trends Defining Risk and How to Stay Ahead appeared first on Security Boulevard.

Risk

Risk Cybersecurity Data privacy Phishing

SMBs Know They’re At Risk, but Most Aren’t Embracing AI

Security Boulevard

MAY 8, 2025

The post SMBs Know Theyre At Risk, but Most Arent Embracing AI appeared first on Security Boulevard.

Risk

Risk Cyber threats Ransomware Data privacy

GUEST ESSAY: Privacy risks introduced by the ‘metaverse’ — and how to combat them

The Last Watchdog

OCTOBER 10, 2022

And instead of having to combine numerous data sources (like a smartphone, laptop, and wearable device) to build a user profile, VR constitutes a one-stop shop for all of the biometric, environmental, behavioral, and demographic data an application could ever hope to harvest. The story is not entirely pessimistic, however.

Risk

Risk Data privacy Data collection Technology

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

SecureWorld News

FEBRUARY 6, 2025

The move comes amid growing concerns that DeepSeek's generative AI capabilities pose a national security risk due to its direct links to the Chinese Communist Party (CCP) and China Mobile, a Chinese government-owned entity already banned by the U.S. Federal Communications Commission (FCC) for security concerns. For the U.S. What's next?

Government

Government Artificial Intelligence Data privacy Mobile

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. trillion, the risk of a data breach extends beyond immediate financial losses. trillion and $5.28

Retail

Retail Cyber Risk Risk DDOS

Upcoming Speaking Engagements

Schneier on Security

SEPTEMBER 14, 2021

I’m speaking at the Cybersecurity and Data Privacy Law Conference in Plano, Texas, USA, September 22-23, 2021. I’m speaking at the fourth annual Managing Cyber Risk from the C-Suite conference—a virtual event conducted through Webex—on October 5, 2021. I’ll be speaking at an Informa event on November 29, 2021.

Data privacy

Data privacy Cyber Risk Risk Cybersecurity

The Dangers of AI Acceleration: Why a Deregulatory Stance Threatens Humanity

Jane Frankland

MAY 30, 2025

Everyone’s talking about AI aren’t they, and when I gave a keynote on Artificial Intelligence and cybersecurity recently, I relayed how the rise of AI has brought us to a pivotal moment in historya moment brimming with both extraordinary opportunity and unparalleled risk. AI amplifies these risks exponentially.

Risk

Risk Artificial Intelligence Government Technology

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. And industries like healthcare face persistent targeting due to their outdated systems and high-value data. Failure risks fines or supplier bans.

Cybersecurity

Cybersecurity CISO Risk Government

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. Securing these AI models and the data they generate. In a recent survey, 93% of respondents admitted to knowingly increasing their companys cybersecurity risks. The challenge?

Cybersecurity

Cybersecurity Insurance Cyber Insurance Technology

Sharing Information with AI and Understanding the Risks

ZoneAlarm

JANUARY 30, 2025

But as AI grows, so do the risks of sharing information with it. A new AI system called DeepSeek, developed in China, has raised fresh concerns about how information is … The post Sharing Information with AI and Understanding the Risks appeared first on ZoneAlarm Security Blog.

Risk

Risk Artificial Intelligence Data privacy

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

The Last Watchdog

JANUARY 27, 2022

At the same time, the acquired company needs to open access to critical systems in order to successfully transition all users and data into the acquiring company’s tech stack. So what are some of the specific security risks and challenges that organizations face and best practices to help close the cybersecurity gap in each stage?

Marketing

Marketing Data privacy Risk Accountability

Google Cloud Takes Steps to Guard Against Quantum Security Risks

Security Boulevard

FEBRUARY 24, 2025

Google Cloud is putting quantum-safe digital signatures into its Key Management Service, the latest steps int the cloud giant's plans to adopt post-quantum cryptography through its portfolio to mitigate security risks that likely will come with the arrival of fault-tolerant quantum computers.

Risk

Risk Data privacy Security Awareness Cybersecurity

Cities of the Future or Hacker’s Paradise? The Cybersecurity Risks of Smart Cities

Security Boulevard

JUNE 15, 2025

The Cybersecurity Risks of Smart Cities appeared first on Shared Security Podcast. The Cybersecurity Risks of Smart Cities appeared first on Security Boulevard. Our discussion covers how […] The post Cities of the Future or Hacker’s Paradise? The post Cities of the Future or Hacker’s Paradise?

Risk

Risk Cybersecurity Technology Hacking

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

When data breaches escalate, cyber-attacks grow more sophisticated, nation states ramp up their digital warfare, and regulations tighten the noose, staying ahead isnt just an optionits your only line of defence. Still, the top response stood out clearlyprotecting data privacy.

Cyber Risk

Cyber Risk CISO Risk Encryption

Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks

Security Boulevard

JUNE 13, 2025

Aim Security researchers found a zero-click vulnerability in Microsoft 365 Copilot that could have been exploited to have AI tools like RAG and AI agents hand over sensitive corporate data to attackers simply by issuing a request for the information in a specially worded email. Microsoft fixed the security flaw.

Risk

Risk Data privacy Security Awareness Mobile

Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators

Security Boulevard

APRIL 18, 2025

Check out NISTs effort to further mesh its privacy and cyber frameworks. Plus, learn why code-writing GenAI tools can put developers at risk of package-confusion attacks. government is aligning two foundational privacy and cybersecurity frameworks. The NIST Privacy Framework 1.1

Risk

Risk Cybersecurity Data privacy Software

The Case for AI Centers of Excellence

SecureWorld News

NOVEMBER 1, 2024

fingerprint recognition) and are developed by your data scientists and business SMEs. From a risk standpoint, they are well-contained. Are the efficacy, legal, regulatory, reputation, cyber, and OpEx risks high? Are the risks, including the risks associated with not adopting the tech, measured and managed?

Government

Government Risk Architecture Technology

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

APRIL 12, 2024

The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”

Risk

Risk Hacking Government Digital transformation

How Security and Privacy Teams Break Barriers Together

Lenny Zeltser

JUNE 27, 2025

While cybersecurity and data privacy leaders have distinct expertise, our fundamental goals are aligned. By understanding each other’s perspectives and priorities, we can support each other to strengthen the organization’s cybersecurity and privacy programs. We also shared advice on making the most of either of these scenarios.

Data privacy

Data privacy Data collection CISO Cybersecurity

Maturing Your AI Vendor Security Assessment Process

SecureWorld News

JUNE 16, 2025

Imagine your customer data, sensitive internal documents, or proprietary algorithms being processed by a vendor's AI model. That's not just a data privacy headache—it's a potential PR disaster or compliance violation waiting to happen. AI-specific risks: Is the model biased? Not every AI-infused app poses high risk.

Risk

Risk InfoSec Encryption Data privacy

Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps

Security Boulevard

NOVEMBER 22, 2024

Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. OWASP — the Open Worldwide Application Security Project — released its first “Top 10 Risks for LLMs” last year. Meanwhile, procurement and risk managers can use the list when evaluating software vendors.

Cyber Risk

Cyber Risk Risk Cybersecurity Artificial Intelligence

Texas scrutinizes four more car manufacturers on privacy issues

Malwarebytes

JANUARY 24, 2025

Paxton did single out a few mobile apps and warned them that they were violating Texas data privacy law. But according to the press release from the Attorney General, Allstate and other insurers used what they alleged to be covertly obtained data to justify raising Texans insurance rates.

Manufacturing

Manufacturing Insurance Data collection Data privacy

Texas Passes Most Comprehensive AI Governance Bill

SecureWorld News

JULY 2, 2025

The law clearly states its intentions: " …to facilitate and advance the responsible development and use of artificial intelligence systems; to protect individuals and groups… from known and reasonably foreseeable risks… to provide transparency… and notice of use by state agencies." Only the AG can enforce. As of this morning, the U.S.

Government

Government Artificial Intelligence Risk Technology

Tile/Life360 Breach: ‘Millions’ of Users’ Data at Risk

Security Boulevard

JUNE 13, 2024

The post Tile/Life360 Breach: ‘Millions’ of Users’ Data at Risk appeared first on Security Boulevard. Location tracking service leaks PII, because—incompetence? Seems almost TOO easy.

Risk

Risk Social Engineering Data privacy Engineering

World Backup Day: A Clarion Call for Cyber Resilience

SecureWorld News

MARCH 31, 2025

To add more security, they should also be automated and encrypted to provide data privacy." Encryption and automation reduce the risk of human error and ensure consistency. Don't overlook mobile and shadow data Modern IT environments extend well beyond servers and cloud storage.

Backups

Backups Encryption Mobile CISO

‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk

Security Boulevard

JULY 1, 2024

The post ‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk appeared first on Security Boulevard. SolarWinds hackers strike again: Remote access service hacked—by APT29, says TeamViewer.

Risk

Risk Hacking Social Engineering Authentication

Google's $32 Billion Bet on Cybersecurity: What Wiz Acquisition Means

SecureWorld News

MARCH 19, 2025

Eric Schwake, Director of Cybersecurity Strategy at Salt Security, sees both benefits and risks in the deal. However, drawbacks include diminished competition, concerns regarding vendor lock-in, and heightened data privacy issues." One of the primary tenets of Wiz is equally securing every cloud.

Cybersecurity

Cybersecurity Marketing Data privacy Government

Why Data Sovereignty and Privacy Matter to You—Not Just Nations

Thales Cloud Protection & Licensing

JUNE 10, 2025

In the context of organizations, it means complying with data privacy and sovereignty laws in the various countries where they operate and ensuring that, through privacy and confidentiality, businesses can operate securely. What is Data Privacy? How do they tie together?

Data privacy

Data privacy Encryption Government Healthcare

A Deep Dive into the Last Vendor Breaches of 2024: What We Learned

Responsible Cyber

NOVEMBER 23, 2024

This escalation highlights the urgent need for organizations to prioritize the security of their vendor networks and assess their associated risks meticulously. Industries most affected by these breaches include healthcare, finance, and retail, where sensitive data is routinely shared with vendors for operational efficiency.

Risk

Risk Healthcare Education Cybersecurity

Why DSPM is Essential for Achieving Data Privacy in 2024

AI-Powered GRC: Revolutionizing Risk Management and Compliance

Trending Sources

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

Taiwan flags security risks in popular Chinese apps after official probe

Delaware Personal Data Privacy Act (DPDPA)

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

23andMe's Collapse Sparks Urgent Data Privacy Reckoning

IBM Addresses AI, Quantum Security Risks with New Platform

5 Best Practices for Data Privacy Compliance

GUEST ESSAY: Rising cyber risks make business intelligence gathering more vital than ever

OneDrive File Picker Flaw Exposes Cloud Storage to Over-Permission Risks

Understanding Cyber Threats During the Holiday Season

Increased GDPR Enforcement Highlights the Need for Data Security

GUEST ESSAY: 5 tips for ‘de-risking’ work scenarios that require accessing personal data

Opportunities and risks of AI coding assistants

Cybersecurity 2025: The Trends Defining Risk and How to Stay Ahead

SMBs Know They’re At Risk, but Most Aren’t Embracing AI

GUEST ESSAY: Privacy risks introduced by the ‘metaverse’ — and how to combat them

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Upcoming Speaking Engagements

The Dangers of AI Acceleration: Why a Deregulatory Stance Threatens Humanity

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Top Cybersecurity Trends to Watch Out For in 2025

Sharing Information with AI and Understanding the Risks

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

Google Cloud Takes Steps to Guard Against Quantum Security Risks

Cities of the Future or Hacker’s Paradise? The Cybersecurity Risks of Smart Cities

Secure Communications: Relevant or a Nice to Have?

Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks

Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators

The Case for AI Centers of Excellence

Sisense Hacked: CISA Warns Customers at Risk

How Security and Privacy Teams Break Barriers Together

Maturing Your AI Vendor Security Assessment Process

Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps

Texas scrutinizes four more car manufacturers on privacy issues

Texas Passes Most Comprehensive AI Governance Bill

Tile/Life360 Breach: ‘Millions’ of Users’ Data at Risk

World Backup Day: A Clarion Call for Cyber Resilience

‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk

Google's $32 Billion Bet on Cybersecurity: What Wiz Acquisition Means

Why Data Sovereignty and Privacy Matter to You—Not Just Nations

A Deep Dive into the Last Vendor Breaches of 2024: What We Learned

Stay Connected