How to manage IT risk without killing innovation

Startup slogans are inescapable in tech: Move fast. Break things. Minimum viable product. These are exciting ideas, for sure, but to put them to use in IT, you’ll need to tailor them to your context. For IT executives running established businesses, the risk-reward scenario is different. Thousands or millions of customers depend on your infrastructure….

Cambridge Analytica Says it is ‘No Bond Villain’

Cambridge Analytica claimed Tuesday it was “no Bond villain” as it vehemently denied exploiting Facebook users’ data for the election campaign of US President Donald Trump. The marketing analytics firm stressed it had deleted data about Facebook users obtained in breach of the social network’s terms of service. The information had been gathered via a…

Largest inhibitor of cyber insurance market growth? Silent cyber risk

A new study of the UK cyber risk insurance and broker community reveals startling findings. First and foremost, the insurance industry needs to address non-affirmative cyber in a meaningful way. Second, measurement of cyber risk in financial terms is highly deficient among insurance customers and the insurance industry itself. More than three-quarters (77 percent) of UK cyber…

GDPR: It’s an issue of transparency

The General Data Protection Regulation (GDPR) has been on the lips of security professionals for a long time now – but in just over a month, it will become a reality. While it is easy to get stuck with reviewing the potential fines or setting up efficient security procedures to ensure compliance, many are still…

FDA plans to improve medical device cybersecurity

The US Food and Drug Administration (FDA) plans to tackle security issues related to medical devices and has released a plan of action it means to implement in the near future. Broadly, the plan is as follows: establish a robust medical device patient safety net in the US; explore regulatory options to streamline and modernize timely implementation of…

5 cybersecurity questions retailers must ask to protect their businesses

The Target breach in 2013 may not be the biggest retail breach in history, but for many retailers, it was their watershed moment. Point-of-sale (PoS) terminals were compromised for more than two weeks. 40 million card details and 70 million records of personal information were swiped—part of which was “backlist,” historical transaction information dating back to more or less a…

One in 10 C-level execs say GDPR will cost them over $1 million

Companies are taking the new General Data Protection Regulation (GDPR) much more seriously than HIPAA and PCI: 99 percent are actively involved in the process to become GDPR-compliant, despite the cost and internal reorganization involved, a new survey that polled 300 C-level security executives has shown. About half (49 percent) are 75 percent of the…

Where Are You in Your GDPR Journey?

At first glance, it may seem strange to be asking you where you are in your GDPR journey when enforcement for the regulation begins on May 25 — which is now less than 60 days away. After all, GDPR was approved way back in April 2016, and here at IBM we’ve been talking and blogging…

Facebook Rolls Out ‘Data Abuse Bounty’ Program

The social media giant also got hit with a lawsuit the day before unveiling its new reward program. All eyes are on Facebook as the company wades its way through a sticky controversy centered on users’ privacy. As CEO Mark Zuckerberg testified before Congress this week regarding the Cambridge Analytica scandal, the social media giant…