French Court Slaps Down Google’s Appeal Against $57M GDPR Fine
France’s top court for administrative law has dismissed Google’s appeal of a $57 million fine. The penalty was for not providing “sufficiently clear” information to Android users how it processes their personal information, meaning it had not legally obtained their consent to use it for targeted ads. The court found the size of the fine […]
Here’s What John Bolton Had to Say About Cybersecurity Policy in His New Book
Among other topics covered by former national security adviser John Bolton in The Room Where It Happened: A White House Memoir, he says that...
A Report Blames “CIA Failures” for the Agency’s Worst Hack
A redacted report – portions included in a letter from Senator Ron Wyden (D–OR) to John Ratcliffe, Director of National Intelligence – indicates that “woefully lax” practices led to Wikileaks publishing as much as 34 terabytes of CIA information in 2017, it biggest data loss to date. Wyden noted that the problems were not limited […]
COVID-19 Is Forcing Hard Cybersecurity Choices
Jonathan Reiber of AttackIQ anticipates that pandemic relief spending will prevent implementation of most of the Cybersecurity Solarium Commission’s recommendations, and suggests that they be prioritized in the following order. First: Defend Forward. “The Commission rightly argues that deterrence hasn’t worked in the ‘gray zone’ — where competition is less intense than outright conflict,” Reiber […]
With Ransomware Attacks Increasing, Cyber Insurance Now Seen as A Necessity, Not a Luxury
Shawn Tuma of Spencer Fane LLP warns that ransomware attacks are happening exponentially more to small and midsize organizations all over the United States, and the impact can be devastating. Stressing the importance of insurance to recover financially from such an incident, Truna offers a series of questions to ask to increase protection and mitigate […]
A New CCPA Data Breach Lawsuit Is “Minted”
Online stationery and craft company Minted Inc. has been hit with a CCPA class action lawsuit, stemming from a massive data breach the company disclosed in late May. The proposed class action lawsuit, filed in a California federal court, claims that Minted Inc. failed to implement “reasonable security measures” and to properly encrypt certain personal […]
Is Iowa Going to Provide California-Style Data Privacy Rights?
The Iowa Legislature just wrapped up its 2020 session. In the end, the COVID-19 pandemic dictated much of this year’s legislative agenda. There is little doubt that this interrupted several legislative initiatives, including one that could have significantly changed the privacy rights of Iowans. Proposed early in March, the legislation could have required Iowa businesses […]
CMMC Regulations on the Way Despite Pandemic
Katie Arrington, CISO at the DoD office for acquisition and sustainment, said the Pentagon will begin rolling out the Cybersecurity Maturity Model Certification version...
NIST Releases Cybersecurity Guidance for Manufacturers of IoT Devices
As a part of its Cybersecurity for IoT Program, NIST recently released two publications with the goal of providing cybersecurity guidance and best practices specific for companies manufacturing IoT devices. These publications were developed as a part of NIST’s implementation of the 2017 Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. With […]
Feds, States Unveil Pilot Program Meant to Secure Voter Databases and Other Election Systems
Election officials and nonprofit security advocates led by the Center for Internet Security are beginning a pilot program for testing and verifying voter registration databases, election night reporting, and other systems meant to support the voting process. It will focus on making the software that’s used in election support systems more secure during development, before […]