The Federal Trade Commission (FTC) has approved a settlement with Canadian smart lock maker Tapplock, which allegedly falsely claimed that its devices were designed to be “unbreakable.”Toronto-based Tapplock, Inc. is an Internet of Things (IoT) technology company that provides smart security solutions for both business and end-users alike. It sells Internet-

In a letter to the U.S. House of Representatives, several Internet organizations are urging for an amendment to the surveillance bill known as the USA FREEDOM Reauthorization Act to prohibit warrantless collection of search and browsing history.Signed by Mozilla Corporation, Engine, Reddit, Reform Government Surveillance, Twitter, i2Coalition, and Patreon, t

May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in achieving compliance with the Regulation by now. But that raises some important questions.What benefits have those organizations experienced in achieving compliance, for instance?

In this final part of the series, I discuss why everyone should consider reviewing their OPSEC (Operations Security), not just those with something to hide.If you haven’t read the previous articles then please check them out first (Part I & Part II), as they provide key background information about the techniques discussed in this post.The processes desc

Information archiving firm Smarsh has acquired cybersecurity and compliance firm Entreda. The acquisition adds Entreda's 300 clients from the enterprise wealth management market to Smarsh's 6,000 financial services clients, while bringing new cybersecurity expertise to the secure collection, storage and management of enterprise data.Financial details of the

Zoom announced this week that on May 22 it will publish a detailed draft of the cryptographic design it plans on using for its upcoming end-to-end encryption feature.As a result of increased scrutiny from privacy and security experts — as well as hackers targeting meetings — Zoom has started making improvements to its platform and it has promised to implemen

Encrypted messaging service Signal has announced the introduction of a new feature that allows users to recover their data if they switch to a new device.Offering end-to-end encrypted conversations, Signal was built by default in such a manner that users’ information is always kept private and never sent to a server. What this means is that, if a user’s phon

Data security is on everyone’s mind these days, and for good reason. The number of successful data breaches is growing thanks to the increased attack surfaces created by more complex IT environments, widespread adoption of cloud services and the increasingly sophisticated nature of cybercriminals. One part of this story that has remained consistent over the

A coalition of consumer groups filed a complaint Thursday with US regulators claiming the popular video app TikTok has failed to live up to an agreement last year limiting data collection from children.The 20 organizations said in a Federal Trade Commission complaint that TikTok continues to collect data on children under 13 without parental consent despite

Cyber Security 101: How Much Do You Really Know? April 21st, 2020 No Comments Data Protection, Online Safety, PC security, Uncategorized Cyberattacks. We hear about them everywhere – from your neighbor whose son downloaded a video game that cr

The constantly changing threat landscape makes a robust security program a moving target. But defenders aren’t standing still — from advanced artificial intelligence (AI) to real-time threat detection and adaptive risk protection, cybersecurity services are evolving to offer IT teams the breadth of knowledge and depth of functionality they need to rall

There is no silver bullet when it comes to protecting sensitive data. No single security technology investment will eliminate the risk of data theft or a mistake exposing sensitive information. To proactively defend against attackers, enterprise security teams are learning that they need to collect and centralize security and compliance information from all

Penetration testing is no longer an extraordinary security engagement. Due to regulatory mandates, internal policies, business executive requests and the overall desire to avoid becoming the next breach victim, testing is now commonplace among many organizations. The kind of testing, however, can still be a question. Do you need ad hoc testing, that as-neede

According to a statistical research of the University of Portsmouth for the government of the UK, more than 80% of the cyber-attacks affecting businesses in the UK could have been prevented by the implementation of some basic security controls.To help organizations adopt good practices in information security, the UK government released a government-endorsed

I grew up watching professional football back in the 70s, when defenses were so good they had their own nicknames. The Pittsburgh Steelers had the “Steel Curtain,” the Miami Dolphins had the “No-Name Defense” and the Dallas Cowboys had the “Doomsday Defense.” The Cowboys’ defense was based on a newfangled concept cal