Tag: Security Operations Management

(Jul 17, 2019) Large cloud computing services are generally run for multiple users. In a few cases, all the data processed by that service is public. In virtually all cases, users have an expectation that some of the information about them is kept private. Even if the data store itself is public, logs about access to that data are generally not. Keeping each person’s information separate is most simple in the primary data stores, where each object can easily have its own access control list. Once we step into... Read More

(Jul 17, 2019) Large cloud computing services are generally run for multiple users. In a few cases, all the data processed by that service is public. In virtually all cases, users have an expectation that some of the information about them is kept private. Even if the data store itself is public, logs about access to that data are generally not. Keeping each person’s information separate is most simple in the primary data stores, where each object can easily have its own access control list. However, most clou... Read More

(Jul 12, 2019) A new U.S. privacy framework is quickly approaching completion. The National Institute of Standards and Technology, which holds the drafting pen, is encouraging stakeholders to share their feedback soon. Since last October, NIST has been working to develop its Privacy Framework to help organizations identify, internalize and address privacy risk. On July 8 and 9, NIST presented its latest draft of the framework during a workshop in Boise, Idaho, and solicited feedback from participants. Througho... Read More

(Jul 12, 2019) A new U.S. privacy framework is quickly approaching completion. The National Institute of Standards and Technology, which holds the drafting pen, is encouraging stakeholders to share their feedback soon. Since last October, NIST has been working to develop its Privacy Framework to help organizations identify, internalize and address privacy risk. The framework presents the building blocks of a comprehensive data management program that can be implemented across an organization. NIST aims to bri... Read More

(Jun 27, 2019) For the second year running, the IAPP, together with TrustArc, surveyed 345 privacy professionals around the globe to gain an understanding of how privacy technology products are purchased and deployed within an organization. Since 2017, the IAPP has mapped out the privacy tech marketplace through the IAPP Privacy Tech Vendor Report, which identifies 10 categories of products. Like the 2018 survey, results this year shine a light on which products are in use and under whose budget privacy tech p... Read More

(Jun 12, 2019) Security firm Zimperium says most of the top banking apps have security flaws that put user data at risk, TechCrunch reports. Researchers found most banking apps do not follow best coding practices and use outdated open-source code, while some share customer data with advertisers. Both iOS and Android banking apps are affected, with the worst iOS app scoring 86 out of 100 on the risk scale for privacy issues; Android app scores for the same banking app were higher. Several iOS and Android bankin... Read More