Amazon reports that it's been fined 746 million euros ($885 million) under the European Union's General Data Protection Regulation for violating privacy rights in its advertising program. The company says it plans to appeal.
Often traditional compliance processes in place in the organisation cannot scale up to growing requirements and complexities. As a result, too much time is wasted on after-the-fact mitigation on audit findings. In a fast-paced environment, organisations would like to break free from reactive and manual solutions and...
Where were you on May 25, 2018? That was the day the EU's General Data Protection Regulation went into full effect. Three years later, some legal and privacy experts say that while the global privacy discussion and expectations have evolved, GDPR still has some growing up to do.
It's not just traditional data governance – it's about business risk. And in the age of GDPR and CCPA, you’d best have a handle on data discovery and classification. Patrick Benoit of CBRE gives the BISO's perspective on data risk governance.
Ireland's privacy regulator has launched an investigation into Facebook after personal information for 533 million of the social network's users appeared for sale online. It will analyze whether Facebook violated the country's data protection law or the EU's General Data Protection Regulation.
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.
The 475,000 euro fine levied against Booking.com by Dutch privacy authorities should serve as a "wake-up call" for other companies when it comes to GDPR, some experts say. The company waited more than 20 days to report the breach to officials instead of the 72-hour window required under Europe's privacy law.
U.S. Rep. Suzan DelBene, D-Wash, has reintroduced a bill that would create a national-wide data privacy standard that in its latest incarnation makes an attempt to placate Republicans. The bill, if passed, would replace a patchwork of current state laws.
Download this eBook to help you guide through the transformational process required to achieve an intelligence-led security operation, detailing:
The challenges of compliance-based security
Why intelligence-led security drives a proactive security posture
The Mandiant framework for adopting an intelligence-led...
In our 22-criterion evaluation of GRC platform providers, we identified the 12 most significant ones — Enablon; Galvanize; IBM; LogicManager; MetricStream; NAVEX Global; Riskonnect; RSA, a Dell Technologies Company; SAI Global; SAP; ServiceNow; and Workiva — and researched, analyzed, and scored them. This report...
Thanks to growing demand for remote working and public cloud services, on-premises infrastructure is shifting from asset to liability. But moving to the cloud comes at a cost: increasing every organization’s attack surface. The numerous and well-publicized breaches of data storage services have raised cloud security...
Norway's privacy watchdog has proposed fining location-based dating app Grindr nearly $12 million after finding that it violated Europeans' privacy rights by sharing data with many more third parties than it had disclosed.
Privacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU's General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper. Over the past year, regulators received 121,000 data breach notifications, up 19% from the year before.
This edition of the ISMG Security Report features an analysis of the very latest information about the SolarWinds hack. Also featured are discussions of "zero trust" for the hybrid cloud environment and data privacy regulatory trends.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.
