The European Union (EU)’s General Data Protection Regulation (GDPR) isn’t just a European concern. As GDPR-U.S. interactions become more complex, international businesses (including American ones) must comply with this regulation when handling data from EU citizens. If your company collects, processes, or stores data from the EU or European Economic Area (EEA)—including Iceland, Norway, and…
Category: Governance, Risk & Compliance
Best Practices, Compliance, Explainers, Global Security News, Governance, Risk & Compliance, Security Bloggers Network
What PCI Attestation of Compliance Is and How to Get It
Every time a customer swipes their credit card, they trust that business to protect their sensitive payment information against mishandling or fraud. But proving that trust in the right place requires certification. The post What PCI Attestation of Compliance Is and How to Get It appeared first on Security Boulevard.
Application Security, bytedance, children, Children and smartphones, china, chinese government, Cloud Security, Cyberlaw, Cybersecurity, Data Privacy, DevOps, disinformation, Donald Trump, Endpoint, Featured, Global Security News, Governance, Risk & Compliance, Humor, Incident Response, Industry Spotlight, malware, misinformation, Mobile Security, Most Read This Week, Network Security, News, online disinformation, Popular Post, president donald trump, president trump, privacy, Protecting Americans from Foreign Adversary Controlled Applications Act, SB Blogwatch, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social disinformation, Social Engineering, social media, socialmedia, Spotlight, Spyware, Threats & Breaches, TikTok, TikTok Ban, Trump, vulnerabilities, Won’t somebody think of the children?
Trump U-Turn: TikTok’s On-Again/Off-Again U.S. Ban
Not For You: The Protecting Americans from Foreign Adversary Controlled Applications Act shouldn’t be enforced, orders President Trump. The post Trump U-Turn: TikTok’s On-Again/Off-Again U.S. Ban appeared first on Security Boulevard.
Cloud Security, Cybersecurity, data leakage, Data Privacy, Data Security, Featured, Generative AI risks, Global Security News, Governance, Risk & Compliance, Mobile Security, Network Security, News, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threat Intelligence
Almost 10% of GenAI Prompts Include Sensitive Data: Study
A study by cybersecurity startup Harmonic Security found that 8.5% of prompts entered into generative AI models like ChatGPT, Copilot, and Gemini last year included sensitive information, putting personal and corporate data at risk of being leaked. The post Almost 10% of GenAI Prompts Include Sensitive Data: Study appeared first on Security Boulevard.
Asia Pacific, Biden administration, china espionage, Cloud Security, Cybersecurity, Data Security, Endpoint, Featured, Global Security News, Governance, Risk & Compliance, Incident Response, Industry Spotlight, Network Security, News, OFAC Sanctions, Salt Typhoon cyberattack, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threats & Breaches
U.S. Treasury Sanctions Chinese Individual, Company for Data Breaches
The U.S. Treasury sanction a Chinese bad actor for participating in the hack of the agency’s networks and a Chinese for its involvement with Salt Typhoon’s attacks on U.S. telecoms. Meanwhile, the FCC calls for stronger cybersecurity measures for ISPs. The post U.S. Treasury Sanctions Chinese Individual, Company for Data Breaches appeared first on Security…
AI Security, Biden National Cybersecurity Strategy, Cloud Security, Cyberlaw, Cybersecurity, Data Privacy, Data Security, DevOps, Donald Trump, Featured, foreign threat actors, Global Security News, Governance, Risk & Compliance, Mobile Security, Network Security, News, secure software supply chain, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight
The Good, the Bad, and the Politics of Biden’s Cybersecurity Order
President Biden in the last few days of his administration issued an expansive cybersecurity EO that touched on issues like software supply chain, AI, and foreign adversaries. Many approved of the effort, though there were concerns that the incoming administration will simply shelve it. The post The Good, the Bad, and the Politics of Biden’s…
Application Security, Biden, Biden administration, Biden National Cybersecurity Strategy, Biden-Harris, china, China-linked Hackers, China-nexus cyber attacks, Cloud Security, Cyberlaw, Cybersecurity, Data Privacy, Data Security, DevOps, Endpoint, executive order cybersecurity, executive order on cybersecurity, Featured, Federal Government, Global Security News, Governance, Risk & Compliance, Humor, Identity & Access, Incident Response, Industry Spotlight, IoT & ICS Security, Joe Biden, malware, Mobile Security, Most Read This Week, Network Security, News, Peoples Republic of China, Popular Post, President Biden, president cybersecurity executive order, presidential executive order cybersecurity, SB Blogwatch, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Threats & Breaches, US Federal Government, vulnerabilities, White House, white house executive order cybersecurity framework
This is HUGE: Biden’s Cybersecurity Exec. Order — Big Parting Gift to Trump
Wow. Just Wow.: Joseph Robinette Biden Jr. hits the emergency “do something” button. The post This is HUGE: Biden’s Cybersecurity Exec. Order — Big Parting Gift to Trump appeared first on Security Boulevard.
Allstate, Analytics & Intelligence, android spyware, Arity, automaker, Car, cars, cellular IoT, cellular IoT security, Chrysler, Cloud Security, Connected Cars, Consumer IoT, Cyberlaw, Cybersecurity, Data Privacy, DevOps, Dodge, Endpoint, Featured, Fiat, Fuel Rewards, GasBuddy, Global Security News, Governance, Risk & Compliance, Humor, Incident Response, Industry Spotlight, insurance, Insurance Companies, insurance company, internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iOS spyware, IoT, IoT & ICS Security, Jeep, Lexus, Life360, malware, Maserati, Mazda, Mobile Security, Most Read This Week, mozilla, Mozilla Foundation, New Cars, News, Popular Post, privacy, Privacy4Cars, RAM, Routely, SB Blogwatch, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Spyware, Stellantis, Texas Data Privacy and Security Act, Threat Intelligence, Threats & Breaches, Toyota, vehicle, vehicle cybersecurity, vehicle OTAs
Allstate Violates Drivers’ Privacy, Texas AG Alleges
Don’t Mess With Texas Privacy: “We will hold all these companies accountable,” rants state attorney general Ken Paxton (pictured). The post Allstate Violates Drivers’ Privacy, Texas AG Alleges appeared first on Security Boulevard.
CISA, Cloud Security, critical infrastructure assets, Cybersecurity, Data Security, Featured, Global Security News, Governance, Risk & Compliance, Incident Response, Industry Spotlight, malware, Network Security, News, Salt Typhoon cyberattack, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threat Intelligence, Threats & Breaches, Volt Typhoon
Critical Infrastructure Seeing Benefits of Government Program, CISA Says
CISA in two years has seen the number of critical infrastructure organizations signing up for its CPG services double, which has improved the overall security in most sectors, but more needs to be done to strengthen what has become a target adversarial state-sponsored threat groups. The post Critical Infrastructure Seeing Benefits of Government Program, CISA…
Cybersecurity, Featured, Global Security News, Governance, Risk & Compliance, Healthcare, News, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight
HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach
The new rules come in the wake of the Change Healthcare breach, which exposed the electronic personal health information of about 100 million Americans. The post HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach appeared first on Security Boulevard.
Application Security, biomedical, biomedical devices, commercial iot security, Cyberlaw, Cybersecurity, Data Privacy, Data Security, DevOps, DNA, DNA Data, Endpoint, Family Tree DNA, Featured, Global Security News, Governance, Risk & Compliance, Hackable Medical Devices, Humor, Incident Response, industrial internet of things, Industry Spotlight, internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, internetof things, internetofthings, internte-of-things, Intranet of Things, IoT, IoT & ICS Security, medical, medical data, medical device, medical device security, Medical Devices, Medical devices cyber security, medical equipment, Most Read This Week, Network Security, News, Popular Post, Ransomware, Ransomware of Things, SB Blogwatch, secure boot, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Threats & Breaches, vulnerabilities
Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks
IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings. The post Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard.
Global Security News, Governance, Risk & Compliance, Security Bloggers Network, security operations
Compliance as cybersecurity: A reality check on checkbox risk management
In the world of cybersecurity, compliance is a no-brainer. Adhering to corporate and regulatory compliance standards is critical for enterprises. And while compliance does not ensure active and constant protection against cybersecurity threats, it’s a standard to aim for that can ensure stealthier cybersecurity for enterprises. Chris Hughes, CEO of Aquia, said in a recent…
Application Security, Cariad, CCC, Chaos Computer Club, Cloud Security, connected car security, Connected Cars, connected vehicle, Connected Vehicles, connected-car, Cyberlaw, Cybersecurity, Data Privacy, Data Security, DevOps, electric vehicle, electric vehicle security, electric vehicles, Featured, Global Security News, Governance, Risk & Compliance, Humor, Identity & Access, Incident Response, Industry Spotlight, IoT & ICS Security, Mobile Security, Most Read This Week, motor vehicle, Network Security, News, Popular Post, SB Blogwatch, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, software-defined vehicles, Spotlight, Threats & Breaches, vehicle, vehicle cybersecurity, Volksdaten, Volkswagen, vulnerabilities
VW Cars Leak Private Data of 800,000 — ‘Volksdaten’
Cariad, VW Group’s software arm, made this classic error. The post VW Cars Leak Private Data of 800,000 — ‘Volksdaten’ appeared first on Security Boulevard.
Global Security News, Governance, Risk & Compliance, Security Bloggers Network, security operations
The year in ransomware: Security lessons to help you stay one step ahead
Operation Cronos, a Europol-led coalition of law enforcement agencies from 10 countries, announced in February that it had disrupted LockBit — one of the most prolific ransomware gangs in the world — at “every level” of its operations. Being responsible for 25% to 33% of all ransomware attacks in 2023, LockBit had become target No.…
Careers, CISO, CISO Talk, Cloud Security, Cybersecurity, Data Security, Featured, Global Security News, Governance, Risk & Compliance, Identity & Access, Incident Response, Industry Spotlight, Network Security, News, Security Boulevard (Original), security responsibility, Social - Facebook, Social - LinkedIn, Social - X, solarwinds attack, Spotlight, vulnerabilities
Charges Against CISOs Create Worries, Hope in Security Industry: Survey
A survey of IT security pros by cybersecurity firm BlackFog found that 70% of them said federal cases like that against SolarWinds’ CISO hurt their opinion about the position, but some said they expected the boards of directors would take the issues of security more seriously. The post Charges Against CISOs Create Worries, Hope in…
AI, AI (Artificial Intelligence), AI hallucination, AI Misinformation generative AI, Application Security, artifical intelligence, Artifical Stupidity, Artificial Artificiality, Artificial Intelligence, Artificial Intelligence (AI), Artificial Intelligence (AI)/Machine Learning (ML), Artificial Intelligence Cybersecurity, artificial intelligence in cybersecurity, artificial intelligence in security, artificial intellignece, Artificial Stupidity, Cloud Security, CVE, CVE (Common Vulnerabilities and Exposures), Cybersecurity, cybersecurity risks of generative ai, Data Privacy, Data Security, DevOps, Endpoint, Featured, Gen AI, GenAI, genai-for-security, generative ai, generative ai gen ai, Generative AI risks, generative artificial intelligence, Global Security News, Governance, Risk & Compliance, Humor, Identity & Access, Incident Response, Industry Spotlight, IoT & ICS Security, Large Language Model, large language models, Large Language Models (LLM), Large language models (LLMs), LLM, LLM Platform Abuse, llm security, Mobile Security, Most Read This Week, Network Security, News, Popular Post, SB Blogwatch, Security Boulevard (Original), Seth Larson, Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Threats & Breaches, vulnerabilities
AI Slop is Hurting Security — LLMs are Dumb and People are Dim
Artificial stupidity: Large language models are terrible if you need reasoning or actual understanding. The post AI Slop is Hurting Security — LLMs are Dumb and People are Dim appeared first on Security Boulevard.