Delayed enforcement of the "strong customer authentication" requirements for online transactions under the European Union's PSD2 regulation is hampering efforts to enhance security. That's why the European Banking Authority should act quickly to develop a new timeline.
The city of Baltimore's ransomware outbreak - $18 million in costs and counting - led to many crypto-locked files being lost forever, because no IT policy mandated centralized file backups. But effective IT solutions exist to help solve this challenge, provided they're deployed in advance of an attack.
The latest edition of the ISMG Security Report features an analysis of Donald Trump's comments about "the server" in a discussion with the president of Ukraine. Also: insights on "privacy by design" and highlights of ISMG's Cybersecurity Summit in Toronto.
Why did U.S. President Donald Trump discuss cybersecurity firm CrowdStrike with the president of Ukraine, saying "the server, they say Ukraine has it"? Experts say Trump appears to be referring to one or more conspiracy theories, none of which have a basis in reality.
APT groups that are backed by the Russian government rarely share code with each other, fostering a competitive landscape, according to a new report. This shows that Russia is willing to push the limits of its sophisticated cyber capabilities, researchers conclude.
Technology companies often don't build in controls to protect privacy during the application development process, says Jason Cronk, a lawyer and privacy engineer. But using "privacy by design" principles during software development can help avoid trouble, he says.
Europe's top court has ruled that Google does not have to remove links to sensitive personal data globally under the EU's "right to be forgotten" requirements, saying the requirement only applies in Europe.
Facebook says it has suspended tens of thousands of apps as part of its ongoing investigation into data misuse that grew out of the Cambridge Analytica scandal. The company won't disclose the affected apps, but an unsealed court filing says it has suspended 69,000.
A misconfiguration in a Google Calendar function that allows Google to index calendars raises serious privacy concerns because it could lead to inadvertent, broad public exposure of calendars that contain sensitive information, including corporate details, a researcher reports.
Artificial intelligence technologies that provide surveillance capabilities can have upsides as well as downsides. Unfortunately, as developers and governments rush to experiment, security, privacy, data protection and liability questions remain unanswered.
The FBI has issued hundreds of subpoenas to major banks, the big three credit rating agencies and other corporations as part of an ongoing counterterrorism program that collects personal and financial data, the New York Times reports.
Governments are rapidly adopting AI surveillance technology to advance political goals, according to a new report from the Carnegie Endowment for International Peace. While Chinese suppliers dominate, liberal democracies and authoritarian regimes alike are developing and procuring such technology.
Ignoring a breach disclosure can have ugly consequences. Case in point: Lumin PDF, a PDF editing tool, which saw data for much of its user base - about 24.3 million - published in an online forum late Monday. Data breach expert Troy Hunt says it's sign of the dysfunction in the breach disclosure process.