In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.
U.S. President Joe Biden on Monday signed into law the National Defense Authorization Act for fiscal year 2022, which contains $768 billion in defense spending - 5% more than 2021 - and several cybersecurity provisions, including expansion of the Cybersecurity and Infrastructure Security Agency.
Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, joins three ISMG editors to discuss important cybersecurity and privacy issues, including how U.S. enterprises are harmonizing three disparate privacy laws, and ransomware preparedness.
A federal grand jury has handed down a superseding indictment expanding the charges filed against Joe Sullivan, the former CSO of Uber, for his allegedly covering up a 2016 data breach at the ride-sharing service from authorities and paying "hush money" to two hackers. Sullivan denies the charges.
An Indian joint parliamentary committee has reintroduced set penalties for data violations after yielding to opposition demands. Some cyber law experts still believe it is unlikely organizations will be heavily penalized owing to deficiencies in the country's legal procedures.
The latest edition of the ISMG Security Report features an analysis of the Log4j security flaw, including the risks and mitigation techniques, how to patch Log4j, and CISO Dawn Cappelli on Log4j response.
Attackers tied to China, Iran, North Korea and Turkey have been targeting or testing exploits of the ubiquitous Apache Log4j vulnerability. Vendors are rushing to identify and patch supported software and hardware as cybersecurity agencies urge organizations to mitigate the threat and beware exploit attempts.
A zero-day vulnerability detected in the Java logging library Apache Log4j can result in full server takeover and leaves countless applications vulnerable, according to security researchers, who say that the easily exploitable flaw was first detected in the popular game Minecraft.
Good news on the breach prevention and incident response front: More businesses are getting more mature practices in place, although as attackers continue to improve their efforts, so too must defenders, says incident response expert Rocco Grillo of consultancy Alvarez & Marsal.
In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.
The U.S. Transportation Security Administration has issued new security directives for higher-risk freight railroads, passenger rail, and rail transit that it says will strengthen cybersecurity across the transportation sector in response to growing threats to critical infrastructure.
Following the holiday recess, U.S. lawmakers are picking up several legislative priorities starting Monday, including progress on the annual defense spending bill, which contains amendments that would require incident reporting for critical infrastructure providers, among other measures.
The latest edition of the ISMG Security Report features an analysis of how organizations can reduce risk especially over holidays and weekends, when attackers are most likely to strike. Also featured: Highlights from Ireland's IRISSCON 2021 cybercrime conference; what's ahead for COVID-19 and the workplace?
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the status of the recommendations of the Cyberspace Solarium Commission today and what still needs to be enacted by the current Congress, addressing the increasing challenge of cyberattacks...
The specter of the May attack on Ireland's national health service loomed large at the IRISSCON 2021 cybercrime conference in Dublin, as cybersecurity experts gathered to detail the ongoing rise of ransomware and other types of online crime, as well as how to best combat such attacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.