Data collection, Government and Risk - Cyber Security Informer

Insurance and Ransomware

Schneier on Security

JULY 1, 2021

To overcome these challenges and champion the positive effects of cyber insurance, this paper calls for a series of interventions from government and industry. To date, the UK government has taken a light-touch approach to the cyber insurance industry. Often, that’s paying the ransom.

Insurance

Insurance Cyber Insurance Ransomware Marketing

Texas is the first state to ban DeepSeek on government devices

Security Affairs

FEBRUARY 2, 2025

Texas bans DeepSeek and RedNote on government devices to block Chinese data-harvesting AI, citing security risks. Texas and other states banned TikTok on government devices. The AI-powered chatbot, recently launched globally, has rapidly gained popularity reaching millions of users. reads the announcement.

Government

Government Artificial Intelligence Media Data collection

How boards can manage digital governance in the age of AI

BH Consulting

MARCH 26, 2025

This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. In a presentation titled Digital governance for boards and senior executives: AI, cybersecurity, and privacy , she called on her extensive experience advising boards on these areas.

Government

Government Artificial Intelligence Risk Digital transformation

Privacy and Security of Data at Universities

Schneier on Security

NOVEMBER 9, 2018

The boundaries between research and grey data are blurring, making it more difficult to assess the risks and responsibilities associated with any data collection. Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII.

Data collection

Data collection Cyber Risk Risk Government

AI Governance

Centraleyes

MAY 27, 2024

What is the Centraleyes AI Governance Framework? The AI Governance assessment, created by the Analyst Team at Centraleyes, is designed to fill a critical gap for organizations that use pre-made or built-in AI tools. What are the requirements for AI Governance? The primary goals of the AI Governance assessment are threefold.

Government

Government Risk Technology Data collection

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Mobile

Mobile Government Data collection Antivirus

5G Security

Schneier on Security

JANUARY 14, 2020

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. What's more, U.S.

Data collection

Data collection Software Marketing Government

OpenAI Is Not Training on Your Dropbox Documents—Today

Schneier on Security

DECEMBER 19, 2023

A society where big companies tell blatant lies about how they are handling our data—and get away with it without consequences—is a very unhealthy society. A key role of government is to prevent this from happening. On a personal level we risk losing out on useful tools.

Government

Government Banking Risk Internet

Differences in App Security/Privacy Based on Country

Schneier on Security

SEPTEMBER 30, 2022

Users in countries not covered by data protection regulations, such as GDPR in the EU and the California Consumer Privacy Act in the U.S., are at higher privacy risk. One hundred and three apps have differences based on country in their privacy policies.

Mobile

Mobile Internet Internet VPN

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

There is definitely a national security risk in buying computer infrastructure from a country you don't trust. It's also why the United States has blocked the cybersecurity company Kaspersky from selling its Russian-made antivirus products to US government agencies. The risk of discovery is too great, and the payoff would be too low.

Surveillance

Surveillance Wireless Government Internet

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

Security Affairs

MARCH 27, 2025

In January, Italys Data Protection Authority Garante asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. Texas and other states banned TikTok on government devices. ” concludes the alert.

Malware

Malware Data collection Advertising Media

Canada is going to ban TikTok on government mobile devices

Security Affairs

MARCH 1, 2023

The Canadian government announced it will ban the video app TikTok from all government-issued devices over security concerns. The app will be removed from government devices this week. The app “presents an unacceptable level of risk to privacy and security,” explained Canada’s chief information officer.

Mobile

Mobile Government Data collection Data privacy

3 ways China's access to TikTok data is a security risk

CSO Magazine

AUGUST 15, 2022

have questioned its data collection practices and potential ties to the Chinese state. The concerns have deepened after Buzzfeed published a report saying that data of some American users had been repeatedly accessed from China. Both lawmakers and citizens in the U.S. user traffic to servers operated by Oracle.

Data collection

Data collection Risk Government

The Best 10 Vendor Risk Management Tools

Centraleyes

MARCH 25, 2024

Let’s discuss an acronym reshaping the business world: Vendor Risk Management , or VRM. With supply chains extending across multiple regions and involving numerous third-party vendors, organizations face unprecedented challenges in managing vendor risks effectively. What risks are you facing?

Risk

Risk Data collection Architecture Government

Cybersecurity Weekly Update – 24 February 2025

Security Boulevard

FEBRUARY 23, 2025

Home Office Contractor's Data Collection Sparks Privacy Concerns The Home Office faces scrutiny after revelations that its contractor, Equifax, collected data on British citizens while conducting financial checks on migrants applying for fee waivers.

Cybersecurity

Cybersecurity Government Data collection Encryption

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Security Affairs

NOVEMBER 6, 2024

The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. However, the government pointed out that Canadians can still access and use TikTok by choice, the use of a social media platform is a personal choice. ” reads the statement published by Canadian Government.

Government

Government Mobile Media Technology

Norway suspends its COVID-19 contact tracing app due to privacy concerns

Security Affairs

JUNE 16, 2020

On Friday, the Norwegian Data Protection Authority (Norwegian: Datatilsynet) issued a warning that it would stop the Norwegian Institute of Public Health from handling data collected via Smittestopp contact tracing app. Only 600,000 citizens out of Norway’s 5.4 million inhabitants had been using the contact tracing app.

Data collection

Data collection Advertising Government Technology

The State of Digital Trust in 2025 - Consumers Still Shoulder the Responsibility

Thales Cloud Protection & Licensing

MARCH 19, 2025

In 2024, 44% of consumers globally trusted banks with their personal data, but by 2025, this figure dropped to 32% for those aged 1624. While insurers benefit from regulatory oversight like the banking sector, persistent friction points like opaque claims processes and intrusive data collection eroded goodwill.

Insurance

Insurance Banking Authentication Data privacy

IATA Cyber Regulations

Centraleyes

DECEMBER 11, 2024

Governments and regulatory authorities may also mandate compliance with IATA standards to align with broader cybersecurity strategies. These include: Cybersecurity Risk Assessment: Organizations must perform a comprehensive risk assessment to identify potential vulnerabilities in their operations. and the EU Cybersecurity Act.

Risk

Risk Cybersecurity Penetration Testing Digital transformation

How AI Could Write Our Laws

Schneier on Security

MARCH 14, 2023

Consider, for example, a 2013 Massachusetts bill that tried to restrict the commercial use of data collected from K-12 students using services accessed via the internet. Training data is available. Most other jurisdictions provide similar data feeds, and there are even convenient assemblages of that data.

Energy and Utilities

Energy and Utilities Artificial Intelligence Technology Government

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

The Last Watchdog

DECEMBER 7, 2021

A digital twin is a virtual duplicate of a physical entity or a process — created by extrapolating data collected from live settings. Digital twins enable simulations to be run without risking harm to the physical entity; they help inform efficiency gains made in factories and assure the reliability of jet engines, for instance.

Engineering

Engineering Data collection Artificial Intelligence Technology

The Role of Differential Privacy in Protecting Sensitive Information in the Era of Artificial Intelligence

Security Affairs

MARCH 7, 2025

This article uses differential privacy in healthcare, finance, and government data analytics to explore the mathematical foundation, implementation strategies, and real-world applications of differential privacy. According to Erlingsson (2014), Google’s RAPPOR system collects user data while maintaining anonymity.

Artificial Intelligence

Artificial Intelligence Healthcare Data privacy Banking

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

The Last Watchdog

NOVEMBER 21, 2018

These regulations have certainly contributed to the movement towards consumerism and prompted businesses in the United States to rethink data collection and management, considering how violating these regulations could adversely affect their business and brand. For many, the answer is yes. If the U.S.

Data privacy

Data privacy Data collection Big data Government

The Wall Street Journal: Lawmakers Push to Ban DeepSeek App From U.S. Government Devices

Security Boulevard

FEBRUARY 7, 2025

Bipartisan Effort Seeks to Protect National Security Amid Concerns Over Chinese Data Collection WASHINGTONA new bill set to be introduced Thursday was initiated based on an analysis by Ivan Tsarynny , CEO of Feroot Security, which uncovered serious security risks posed by the DeepSeek chatbot application.

Government

Government Data collection Risk

A Pandora's Box: Unpacking 5 Risks in Generative AI

Thales Cloud Protection & Licensing

APRIL 17, 2024

A Pandora's Box: Unpacking 5 Risks in Generative AI madhav Thu, 04/18/2024 - 05:07 Generative AI (GAI) is becoming increasingly crucial for business leaders due to its ability to fuel innovation, enhance personalization, automate content creation, augment creativity, and help teams explore new possibilities.

Risk

Risk Data collection Artificial Intelligence Accountability

A Pandora’s Box: Unpacking 5 Risks in Generative AI

Security Boulevard

APRIL 17, 2024

A Pandora's Box: Unpacking 5 Risks in Generative AI madhav Thu, 04/18/2024 - 05:07 Generative AI (GAI) is becoming increasingly crucial for business leaders due to its ability to fuel innovation, enhance personalization, automate content creation, augment creativity, and help teams explore new possibilities.

Risk

Risk Data collection Artificial Intelligence Accountability

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

SEPTEMBER 20, 2019

Local government agencies remain acutely exposed to being hacked. However, at this moment in history, two particularly worrisome types of cyber attacks are cycling up and hitting local government entities hard: ransomware sieges and election tampering. That’s long been true.

Ransomware

Ransomware Government Firewall Cyber Insurance

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Security Affairs

FEBRUARY 12, 2023

Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. ” reported The Guardian.

Surveillance

Surveillance Government Manufacturing Risk

Why Overthinking Risk Will Turn You into Stone

Security Boulevard

APRIL 27, 2023

Why Overthinking Risk Will Turn You into Stone Risk is an enabler of Analysis Paralysis. Organizations invest vast amounts of money, time, and human capital in identifying, analyzing, and reporting potential risks within their domain. Risk exists no matter what an organization is involved in.

Risk

Risk Data collection CISO Government

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

IT Security Guru

AUGUST 7, 2024

These regulations stress the fair treatment of customers, transparent sales practices, robust governance and consent. The Legacy Risks Many insurance companies are still bogged down with legacy solutions which hamper innovation and undermine customer trust.

Insurance

Insurance Data collection Authentication Technology

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Security Affairs

JUNE 19, 2021

The security breach took place on on May 14, and the institute discovered it only on May 31, then the research institute reported the incident to the government and launched an investigation. Early this month, researchers from Malwarebytes published a report on the Kimsuky APT’s operations aimed at South Korean government.

Hacking

Hacking VPN Internet Internet

Supply Chain Security 101: An Expert’s View

Krebs on Security

OCTOBER 12, 2018

Tony Sager (TS): The federal government has been worrying about this kind of problem for decades. In the 70s and 80s, the government was more dominant in the technology industry and didn’t have this massive internationalization of the technology supply chain. The attacker in this case has a risk model, too.

Computers and Electronics

Computers and Electronics Internet Internet Technology

NIST Report Highlights Rising Tide of Threats Facing AI Systems

SecureWorld News

JANUARY 17, 2024

Artificial intelligence (AI) promises to transform major sectors like healthcare, transportation, finance, and government over the coming years. As adoption accelerates, so too do emerging cybersecurity risks. Continuous risk assessment and governance throughout the AI system lifecycle remains essential.

Artificial Intelligence

Artificial Intelligence Data collection Architecture Healthcare

Moving from WhatsApp to Signal: A good idea?

Malwarebytes

MARCH 27, 2025

This week we learned that the US Government uses Signal for communication, after a journalist was accidentally added to a Signal chat. Probably the largest alternative to Signal, WhatsApp is owned by Meta, and has faced criticism for its data-sharing practices. Switching to Signal is justified if privacy is your top priority.

Encryption

Encryption Data collection Mobile Authentication

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales Cloud Protection & Licensing

JULY 11, 2019

The GDPR applies to businesses that collect and use personal information from citizens of the EU, regardless of where the business itself is located. The GDPR’s four main areas of focus are: Privacy rights, Data security, Data control and Governance. What you can do as a CISO – A risk-based approach to GDPR is key.

Risk

Risk Encryption Accountability Government

Law Enforcement Eyeing Contact Tracing Apps

Security Boulevard

FEBRUARY 10, 2021

Australia: Incidental COVID-19 App Data Collection The Office of the Inspector General of Intelligence and Security conducted a study. They would be right. The post Law Enforcement Eyeing Contact Tracing Apps appeared first on Security Boulevard.

Data collection

Data collection Data privacy Risk Government

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike. Let’s explore what to expect from the upcoming regulations, provide insights into critical federal and state laws, and offer practical compliance and risk management strategies.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

The Rise of Data Sovereignty and a Privacy Era

SecureWorld News

JUNE 24, 2024

In addition, the risks of monetary and operational damage render it mission critical for enterprises to envision and enact the appropriate People, Process, and Technology safeguards to assure data protection and privacy. Weak access control processes can lead to breaches and data exploitation. is essential.

IoT

IoT InfoSec Artificial Intelligence Risk

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches

Data breaches Banking Hacking Malware

The TikTok Ban: Security Experts Weigh in on the App’s Risks

Threatpost

SEPTEMBER 18, 2020

With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.

Risk

Risk Data collection Surveillance Mobile

MITRE and DTEX Systems Announce Public-Private Partnership to Elevate Insider Risk Programs & Advance Human-Centric Security

CyberSecurity Insiders

FEBRUARY 1, 2022

–( BUSINESS WIRE )–MITRE and DTEX Systems , the Workforce Cyber Intelligence & Security Company , today announced a partnership to elevate insider risk awareness and human-informed cyber defense strategies through behavioral-based research and the launch of the MITRE Inside-R Protect program. . & MCLEAN, Va.–(

Risk

Risk Government Data collection Cyber threats

Key Aspects of Data Access Governance in Compliance and Auditing

Centraleyes

MAY 23, 2024

What is Data Access Governance? 80% of digital organizations will fail because they don’t take a modern approach to data governance. Gartner) Data is widely recognized as the most valuable business asset. Data access governance is a subset of data governance.

Government

Government Backups Accountability Data privacy

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

The researchers concluded that 911 is supported by a “mid scale botnet-like infrastructure that operates in several networks, such as corporate, government and critical infrastructure.” Highlighting the risk that 911 nodes could pose to internal corporate networks, they observed that “the infection of a node enables the 911.re

VPN

VPN Computers and Electronics Antivirus Software

Vulnerability Management Automation: A Mandate, Not A Choice

CyberSecurity Insiders

MARCH 22, 2023

Next, each vulnerability needs to be evaluated and prioritized according to its risk to the system and the organization. If there isn’t a solution available, then teams may have to mitigate the risk with additional security measures. Governments have been cracking down on cyber criminals to avoid a catastrophe.

Data breaches

Data breaches Cyber threats Government Risk

Insurance and Ransomware

Texas is the first state to ban DeepSeek on government devices

Trending Sources

How boards can manage digital governance in the age of AI

Privacy and Security of Data at Universities

AI Governance

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

5G Security

OpenAI Is Not Training on Your Dropbox Documents—Today

Differences in App Security/Privacy Based on Country

On Chinese "Spy Trains"

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

Canada is going to ban TikTok on government mobile devices

3 ways China's access to TikTok data is a security risk

The Best 10 Vendor Risk Management Tools

Cybersecurity Weekly Update – 24 February 2025

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Norway suspends its COVID-19 contact tracing app due to privacy concerns

The State of Digital Trust in 2025 - Consumers Still Shoulder the Responsibility

IATA Cyber Regulations

How AI Could Write Our Laws

NEW TECH: How a ‘bio digital twin’ that helps stop fatal heart attacks could revolutionize medicine

The Role of Differential Privacy in Protecting Sensitive Information in the Era of Artificial Intelligence

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

The Wall Street Journal: Lawmakers Push to Ban DeepSeek App From U.S. Government Devices

A Pandora's Box: Unpacking 5 Risks in Generative AI

A Pandora’s Box: Unpacking 5 Risks in Generative AI

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Why Overthinking Risk Will Turn You into Stone

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Supply Chain Security 101: An Expert’s View

NIST Report Highlights Rising Tide of Threats Facing AI Systems

Moving from WhatsApp to Signal: A good idea?

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Law Enforcement Eyeing Contact Tracing Apps

2024 Cybersecurity Laws & Regulations

The Rise of Data Sovereignty and a Privacy Era

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

The TikTok Ban: Security Experts Weigh in on the App’s Risks

MITRE and DTEX Systems Announce Public-Private Partnership to Elevate Insider Risk Programs & Advance Human-Centric Security

Key Aspects of Data Access Governance in Compliance and Auditing

A Deep Dive Into the Residential Proxy Service ‘911’

Vulnerability Management Automation: A Mandate, Not A Choice

Stay Connected