Data privacy discussions must focus not just on collecting, storing and securing data, but also the impetus for doing so - and whether it is being done in an ethical manner, says consultant Thom Lagford, a former CISO, who addresses GDPR compliance issues.
New legislation introduced by Sen. Ron Wyden, D-Ore., would "bring meaningful punishments for companies that violate people's data privacy, including larger fines and potential jail time for CEOs," he says. But can Congress agree on a privacy law?
Twitter apologized on Tuesday for repurposing phone numbers provided by users for security features for use in targeted advertising, claiming the move was a mistake. Earlier, Facebook was reprimanded for a similar practice.
What's it like to serve in the dual roles of CISO and DPO? Gregory Dumont, who has both responsibilities at SBE Global, a provider of repair and after-sales service solutions to the electronics and telecommunication sectors, explains how the roles differ.
In today's shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors?
This session will outline the keys to third-party risk management success through a modern approach to monitoring...
Europe's top court has ruled that Google does not have to remove links to sensitive personal data globally under the EU's "right to be forgotten" requirements, saying the requirement only applies in Europe.
In an exclusive session, veteran CISO Thom Langford looks at what GDPR has influenced since its introduction, how this impacts security and privacy leaders across sectors, and where data protection regulation can go from here.
Langford is the founder of (TL)2 Security, a strategic Information security Consultancy. As...
Foxit Software, the developer of popular PDF and document software, says user accounts were compromised in a breach. The company, which has 560 million users, isn't saying how the breach occurred, how many accounts were affected or for how long.
Sweden's Data Protection Authority has issued its first fine for violations of the European Union's General Data Protection regulation after a school launched a facial recognition pilot program to track students' attendance without proper consent.
U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies.
The data protection gloves have finally come off in Europe after GDPR enforcement began last May - the U.K.'s privacy watchdog has proposed large post-breach sanctions against British Airways and Marriott. Consider the tables now turned on firms that fail to properly safeguard personal data.
Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016. Undiscovered until 2018, the breach exposed 339 million customer records.