Privacy-Practices-2

Meanwhile Back at the EU: Google Runs into Fundamental Privacy Rights

There’s been a long standing dispute between the EU regulators and Google over whether it could be forced to remove links from its web search results.  Today, the European Court of Justice issued a final ruling against Google. While this is being billed as a “right to be forgotten” victory, actually these words don’t appear…

Continue Reading

What You May Have Missed

What You May Have Missed

1. In the unregulated world of social media, the FTC has become the de facto enforcer of privacy. Snapchat is the photo sharing service that promised customers their photos and videos would automatically self-destruct. On Thursday, they admitted to the FTC that photos don’t actually disappear forever. As part of the FTC settlement, Snapchat agreed to be monitored by an independent auditor for the next 20 years.

Continue Reading

How to Best Apply SANS Critical Security Controls to Unstructured Human-Generated Data

The SANS Top 20 Critical Security Controls (CSC) have become a widely accepted strategy for protecting organizations against the most common security risks. They take a practical view of security that’s based on protecting against real-world threats—“offense informs defense”. Developed and maintained by an international group of organizations, government agencies, and security experts, the controls…

Continue Reading

tc-disrupt-2014

Privacy Becomes a Focus at TechCrunch Disrupt NY

When launching software in the get-it-out-the-door world of consumer apps, companies often give security and privacy a lower priority. Understandable, of course. It’s not that this isn’t considered, but it’s hard for many embryonic startups (and even some larger players) to implement privacy-by-design concepts when also having to deal with everything else. With that in…

Continue Reading

What You May Have Missed May 2 2014

What You May Have Missed

1. EdTech startup with plans to collect and analyze data from US schools closes down over privacy concerns. Several key states ultimately passed laws to prevent school districts from sharing student data with outside services, resulting in this startup dropping out of the student database business. 2. The White House’s Big Data report also includes…

Continue Reading

Varonis Data Governance Suite 5.9 is now GA

Data Governance Suite 5.9 is packed with new features, including DatAlert, which provides real-time alerts and data breach detection for file servers, NAS, Exchange, and SharePoint.

Continue Reading

767px-Siege_orleans

2014 Verizon DBIR: Year of Living Dangerously

One of the sure signs of spring, besides tulips and daffodils, is the release of the 2014 Verizon Data Breach Investigations Report. For those who are excited by survey methodology, this year’s report marks a dramatic change for the DBIR. They’re no longer sticklers about verifying breaches leading to actual data exposures, which limited the…

Continue Reading

Low_hanging_fruit_(grapes)

Insights from the SANS Survey on Event Logging

SANS Critical Security Controls (CSC) have been getting more attention over the last few years. As security experts come around to focusing on the actual techniques used by hackers, the SANS “offense informs defense” approach is resonating. And now with the 2014 Verizon Data Breach Investigations Report (DBIR), it has received a new and important endorsement….

Continue Reading

what you may have missed

What you may have missed

1. An awesome graphic of Heartbleed and security, depicting how the vulnerability works and a way to flag sites vulnerable to Heartbleed. 2. Despite the powers of big data, there are a few shortcomings that limit the accuracy for predicting flu epidemics. 3. Healthcare conference attendees believe privacy will crash big data if we don’t get it right. 4. Government public service…

Continue Reading