Search Results for: gdpr

Over the weekend, Mark Zuckerberg set out what he described as "four ideas to regulate the internet". Were these ideas put forth by someone else, it might be possible to refer to this as an impassioned plea -- but this is Zuckerberg we're talking about.

He suggests GDPR-style privacy regulation in the US. He wants more control of hate speech. He believes more needs to be done about political advertising, particularly around the time of elections. And he likes the idea of data portability. These are reasonable ideas and -- importantly -- there is nothing to stop Facebook from implementing them now. To lead the way. There is no need to call for, or wait for, legislation.

Continue reading →

Every year, the RSA Conference grows in size, reflecting the ever-increasing prominence of the central topic it covers, cybersecurity. The cybersecurity extravaganza brings together thought leaders and companies from all around the globe for five days of keynote speeches and breakout sessions that provide seemingly endless opportunities to learn something new. As one of the largest security events in the United States, it helps attendees connect with cybersecurity luminaries, potential clients, and industry movers-and-shakers (perhaps over a happy hour drink or two).

Don’t worry if you weren’t able to attend or couldn’t digest all of the information presented -- with so many in-conference events, it’s practically impossible. The following are two top trends you can learn from RSA 2019:

Continue reading →

A badly configured server at Gearbest, the Chinese purveyor of technology and other stuff online, has leaked millions of user profiles and order details.

White hat hacker Noam Rotem discovered an Elasticsearch server that was -- indeed still is at the time of writing -- leaking millions of records each week. These include customer data, orders, and payment records. The server wasn't protected with a password, potentially allowing anyone to search its data.

Continue reading →

From September this year the second Payment Services Directive (PSD2) comes into force across the EU. This will require payment service providers to offer strong customer authentication (SCA) and third-party access to bank accounts or risk losing their their payment provider license.

But a new report today from fraud prevention company iovation suggests that stricter requirements for fraud prevention in Europe will drive fraud to other regions such as the US.

Continue reading →

Data should underlie every business decision. Yet too often some very human cultural artifacts really lead the business down certain routes where it moves away from modelling decisions on the best data. It’s only human. Yet to be a better human guiding the corporate machine we need to transcend the way "we’ve always done it".

In the data age gut, tradition, and inertia shouldn’t be why strategic decisions are made. And yet, hand on heart, we all continue to do it, because that’s part of being human. Well, it’s time to be more than human, time to get creative. Time to smash the way "we’ve always done it." Time to apply some creative destruction to break down the worst parts of making decisions within organizations, and start using the data, technology, and creativity that lies around us, untapped.

Continue reading →

New research into consumer trust and spending habits by contact center payment security company PCI Pal shows 62 percent of Americans report that they will stop spending with a brand for several months following a hack or breach, versus 44 percent of Brits.

But when the British do react they do so for the long term, 41 percent of British consumers never return to a brand after a hack compared to only 21 percent of Americans.

Continue reading →

Opera Software has unveiled no fewer than 24 improvements since launching its mobile browser for Android and iOS. The latest build, Opera Touch 1.5.0 delivers a much-needed setting for automatically handling website cookie dialogs.

Other improvements since launch have included expanding the My Flow feature to connect mobile and desktop iterations of Opera, support for Private Browsing mode and a dark theme

Continue reading →

The latest Symantec Annual Threat Report reveals that cybercriminals are continuing to follow the money, but as ransomware and cryptojacking show falling returns they are turning to other techniques.

One of these is formjacking -- essentially virtual ATM skimming -- where cybercriminals inject malicious code into retailers' websites to steal shoppers' payment card details.

Continue reading →

With growing security threats and compliance being taken seriously, companies are more aware than ever of the need to protect their data.

This means hackers must work harder to try to steal information and contact centers are in the front line. We spoke to Ben Rafferty, chief innovation officer at security and compliance specialist Semafone to find out how contact centers are under threat and what can be done to protect them.

Continue reading →

Website tags, small pieces of JavaScript code or small images, are often used to collect information about users. But they can add to load times and if misused can be a security risk too.

A new study from digital governance specialist Crownpeak reveals over 1,700 'dark web' tags found on websites belonging to companies in the Fortune 100, causing a total average website latency of 5.2 seconds.

Continue reading →

We won’t get a proper look at iOS 13 until Apple reveals it later in the year, but that isn’t going to stop people from coming up with some ideas of how the mobile operating system should look.

Just a couple of weeks ago we saw one iOS 13 concept video, and now another has surfaced. A collaboration between AppleiDesigner and Skyline News, this latest concept is packed with ideas to get excited about for iPhone and iPad users alike -- a redesigned status bar, system-wide dark mode, some great-looking wallpapers, and customizable lock screen elements.

Continue reading →

A disgruntled security researcher has revealed a one-click exploit that takes advantage of a macOS vulnerability to reveal all of the passwords stored in a Mac's keychain.

Linus Henze developed an exploit tool called KeySteal that uses a 0-day bug to extract keychain passwords on macOS Mojave and older. He stresses that neither root access nor administrator privileges are required, and no password prompts are generated by the tool. Henze is not going to help Apple to fix the problem because the company does not offer a bug bounty program for macOS.

Continue reading →

Most organizations are currently in the process of investigating, planning, or deploying artificial intelligence (AI) implementations, but there’s a problem: businesses -- or even AI designers -- don’t understand how or why the AI arrived at a specific decision. This is a big hurdle for businesses who want to begin relying on AI-based dynamic systems for their decision making. In fact, a recent PwC survey found that 37 percent of executives said ensuring AI systems were trustworthy was their top priority, and 61 percent would like to create transparent, explainable, and provable AI models.

The need for transparent, explainable AI goes beyond individual business preferences. Interpretability, fairness, and transparency of data-driven decision support systems based on AI and machine learning are serious regulatory mandates in banking, insurance, healthcare, and other industries. In addition, regulations like GDPR’s right to explanation clause or the upcoming California Consumer Privacy Act will compel businesses to know what their AI algorithms are thinking. The solutions to these issues of trust and explainability typically have been to stick with simpler models, improving transparency at the expense of accuracy. From my perspective, understanding how to create trust -- more so than creating transparency -- in AI is going to be crucial to success.

Continue reading →

While it’s essential that employees consistently avoid taking risks that could lead to a data breach, even top-performing employees don’t necessarily have top-notch cybersecurity knowledge. Thus, organizations are in charge of bridging the cybersecurity skill gap to keep employees from damaging the company’s network by accidentally uploading of a malicious program or sharing confidential documents with the wrong people.

Though it’s easy for IT and leadership teams to put systems in place that defend their network from external threats, well-intentioned internal users can be a hackers easy way in. The only way for organizations to counter this is with education and training.

Continue reading →

The introduction of new regulatory and privacy laws around the world is forcing companies to become more aware of the personal customer info they are holding, but it can be hard to identify sensitive information.

AI-based compliance platform Cognigo is launching a new data protection capability that can differentiate between sensitive and non-sensitive data based on language context.

Continue reading →