Let’s Get More Serious About AR and Privacy

frogs-love-valentine-s-day-pose

Augmented Reality (AR) is the technology of the moment. While some of us have already experienced the thrill of catching a Dragonite in Pokemon Go, AR is not just all fun and games. In fact, depending on how an AR gadget is used, it can have significant privacy implications.

Continue Reading →

American Health Insurance Plans Stay Secure With Varonis

ahip

For any organization in the health insurance industry, security is a top priority. American Health Insurance Plans (AHIP) understood the need to enforce security within its organizations in order to stay safe from insider threats. That’s when extensive search led to the implementation of Varonis Data Transport Engine, DatAdvantage, and DatAlert. AHIP was formed in […]

Continue Reading →

Podcast Episode #18 – Excellent Adventures at Black Hat

best-inside-out-security-show

Hackers, Executives, Military Folks, IT People who work in Insurance, even Cab Drivers all had something to teach us about security and privacy at the latest Black Hat event in Vegas.

Continue Reading →

EU GDPR Spotlight: 72-Hour Breach Notification Rule

lawyer

One of biggest and more controversial changes in the EU General Data Protection Regulation (GDPR) is the requirement for companies to report breaches of consumer personal data.  Fortunately, we recently had the chance to talk with an expert on GDPR compliance to find out some of the subtler details. “Likely to Affect” The first key […]

Continue Reading →

Top Minds in PCI Compliance

pci-people-feature

With countless data breaches hitting the front page, many are turning to the Payment Card Industry Data Security Standard (PCI DSS) which is an invaluable controls list to guide, influence, and promote security. However, there are merchants who argue that these controls provide too much security while security professionals think they provide too little. So […]

Continue Reading →

HHS to Investigate Smaller HIPAA Privacy Breaches

apothecary-pharmacy-chemist-mortar-and-pestle-39522

As  a reader of this blog, you know all about Health and Human Services’ (HHS) wall of shame. That’s where breaches involving protected health information (PHI) affecting 500 or more records are posted for the world to see. It’s actually a requirement of HIPAA – technically the HITECH Act. But now there’s been a slight […]

Continue Reading →

Podcast Episode #17 – More Articles on Privacy by Design than Implementation

inside-out-security-show

Going from policy to implementation is no easy feat because some have said that Privacy by Design is an elusive concept. In this episode, we meditated on possible solutions such as incentivizing and making privacy as the default setting. We even talked about the extra expense of having a Privacy by Design mindset. What do you […]

Continue Reading →

Podcast Episode #16 – Threatbusters

ioss

If there’s something strange on your network, who should we call? The security team! Well, I like to think of them as Threatbusters. Why? They’re insatiable learners and they work extremely hard to keep security threats at bay. In this episode, we talk about awesome new technologies(like computer chips that self-destruct and ghost towns that […]

Continue Reading →

New SamSam Ransomware Exploiting Old JBoss Vulnerability

mask-anonymous

One of the lessons learned from the uptick in ransomware attacks is that it pays to keep your security patches up to date. A few months ago the SamSam/Samas malware was (and is still) having great success primarily against healthcare companies and hospitals. The attack vector, though, was not based on phishing or social engineering. […]

Continue Reading →

Six Authentication Experts You Should Follow

authentication

Our recent ebook shows what’s wrong with current password-based authentication technology. But luckily, there are a few leading experts that are shaping the future of the post-password world. Here are six people you should follow: 1. Lorrie Cranor @lorrietweet Lorrie Cranor is a password researcher and is currently Chief Technologist at the US Federal Trade Commission. She is […]

Continue Reading →

Summer Reminder: Cloud Storage Ain’t All That Private

door-green-closed-lock

I’ve written before about the lack of privacy protections for consumers storing content in the cloud. In looking back over my notes, I’d forgotten just how few cloud privacy rights we have in the real world. Using the typical terms of service (ToS) from some major providers as a benchmark, your rights to the uploaded […]

Continue Reading →