Data collection, Risk and Technology - Cyber Security Informer

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

Security Affairs

DECEMBER 5, 2024

SOC analysts, vital to cybersecurity, face burnout due to exhausting workloads, risking their well-being and the effectiveness of organizational defenses. As such, analysts are hit with a deluge of low-quality alerts, increasing the risk of missing genuine threats. But it doesn’t have to be this way.

Artificial Intelligence

Artificial Intelligence Data collection Cybersecurity Risk

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

The increasing sophistication of these technologies has made it harder than ever to distinguish real content from fake. A study by the Massachusetts Institute of Technology (MIT) presented in 2019 revealed that deepfakes generated by AI could deceive humans up to 60% of the time. As the technology evolves, so will its misuse.

Artificial Intelligence

Artificial Intelligence Phishing Media Cyber threats

GUEST ESSAY: Privacy risks introduced by the ‘metaverse’ — and how to combat them

The Last Watchdog

OCTOBER 10, 2022

As digital technologies become more immersive and tightly integrated with our daily lives, so too do the corresponding intrusive attacks on user privacy. To test the true extent of data collection in VR, we designed a simple 30-person user study called MetaData. Related: The case for regulating facial recognition.

Risk

Risk Data privacy Data collection Technology

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Web 3.0 Requires Data Integrity

Schneier on Security

APRIL 3, 2025

As Web technologies matured, the focus shifted to protecting the vast amounts of data flowing through online systems. Without this foundation of verifiable truth, AI systems risk becoming a series of opaque boxes. The risks of deploying AI without proper integrity control measures are severe and often underappreciated.

Artificial Intelligence

Artificial Intelligence Architecture Internet Internet

Cloudy with Strategic Technology Macro Trends on the Horizon

SecureWorld News

SEPTEMBER 3, 2024

Identity as the digital perimeter and data protection are mission critical to foster digital trust, enable service assurance, and minimize enterprise risk. These factors are illustrated and discussed in depth in my article, The Rise of Data Sovereignty and a Privacy Era. Thus, modern network management needs new tools.

Technology

Technology Architecture Risk Data collection

Your location or browsing habits could lead to price increases when buying online

Malwarebytes

JANUARY 20, 2025

The intermediaries claimed they used advanced algorithms, artificial intelligence, and other technologies, along with personal information about consumers to determine targeted prices. We don’t just report on threats – we help safeguard your entire digital identity Cybersecurity risks should never spread beyond a headline.

Surveillance

Surveillance Artificial Intelligence Consumer Protection Retail

LLM Summary of My Book Beyond Fear

Schneier on Security

SEPTEMBER 15, 2023

Claude’s reply: Here’s a brief summary of the key themes and arguments made in security expert Bruce Schneier’s book Beyond Fear: Thinking Sensibly About Security in an Uncertain World : Central Themes: Effective security requires realistic risk assessment, not fear-driven responses. Focus only on proportional responses.

Data collection

Data collection Risk Surveillance Manufacturing

On Surveillance in the Workplace

Schneier on Security

MARCH 12, 2019

Touted as useful management tools, they can augment biased and discriminatory practices in workplace evaluations and segment workforces into risk categories based on patterns of behavior. Gamification and algorithmic management of work activities through continuous data collection.

Surveillance

Surveillance Data collection Technology Risk

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

The Last Watchdog

MARCH 14, 2019

So they began inundating their third-party suppliers with “bespoke assessments” – customized cyber risk audits that were time consuming and redundant. Kneip also painted the wider context about why effective third-party cyber risk management is an essential ingredient to baking-in security at a foundational level.

Cyber Risk

Cyber Risk Risk Digital transformation Accountability

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

There is definitely a national security risk in buying computer infrastructure from a country you don't trust. Meanwhile, the chairman of China's technology giant Huawei has pointed to NSA spying disclosed by Edward Snowden as a reason to mistrust US technology companies. This is a complicated topic.

Surveillance

Surveillance Wireless Government Internet

OpenAI Is Not Training on Your Dropbox Documents—Today

Schneier on Security

DECEMBER 19, 2023

We risk letting companies get away with real misconduct because we incorrectly believed in conspiracy theories. This isn’t helped by the fact that AI technology means the scope of what’s possible is changing at a rate that’s hard to appreciate even if you’re deeply aware of the space.

Government

Government Banking Risk Internet

Cyber Playbook: Information Technology vs Operational Technology – How to Leverage IT to Secure Your OT Systems

Herjavec Group

JANUARY 31, 2022

Information Technology (IT) primarily refers to hardware, software, and communications technologies like networking equipment and modems that are used to store, recover, transmit, manipulate, and protect data. . Operational technology has seen innovations that allowed it to become safer, more efficient, and more reliable.

Technology

Technology Cybersecurity InfoSec Software

Emerging security challenges for Europe’s emerging technologies

Thales Cloud Protection & Licensing

SEPTEMBER 5, 2019

With many of these transformations, it is not just the premise of keeping up that drives the huge levels of investment we see organisations making – but also the promise of what’s possible, if the right technologies and approaches can be harnessed to disrupt or differentiate in the face of fierce competition. Containers.

Technology

Technology Digital transformation IoT Big data

5G Security

Schneier on Security

JANUARY 14, 2020

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Eavesdropping is also a risk, although efforts to listen in would almost certainly be detectable. The technology will quickly become critical national infrastructure, and security problems will become life-threatening. What's more, U.S.

Data collection

Data collection Software Marketing Government

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

JANUARY 9, 2023

It’s often difficult for small businesses to invest significantly in data privacy compliance or security measures because they don’t have large budgets. In fact, many SMBs have to choose between investing in new technology and making payroll.

Data privacy

Data privacy Small Business Data collection Cyber Risk

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

The Last Watchdog

MAY 20, 2022

Managed security services (MSS) refer to a service model that enable the monitoring and managing of security technologies, systems, or even software-as-a-service (SaaS) products. An MSSP can assist with data collection and report generation to establish compliance during audits or in the aftermath of a possible incident.

Marketing

Marketing Digital transformation Technology Cybersecurity

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

Only by integrating these tools into your larger security reporting and analytics infrastructure, and by leveraging actionable responses, can one reduce the threat risk to an organization. An integration with Cigent Technology is now available for Secure Endpoint customers to integrate with. New Cisco Cloud Security Integrations.

Technology

Technology Firewall VPN Authentication

All enterprises are at risk of mobile attacks says Check Point Software Technologies

CyberSecurity Insiders

APRIL 15, 2021

Checkpoint Software Technologies released a mobile security report of 2021 that states that almost all enterprises operating in the world are at the risk of facing mobile attacks. The post All enterprises are at risk of mobile attacks says Check Point Software Technologies appeared first on Cybersecurity Insiders.

Mobile

Mobile Technology Software Risk

LLMs and Phishing

Schneier on Security

APRIL 10, 2023

But while it’s an easy experiment to run, it misses the real risk of large language models (LLMs) writing scam emails. This is due not only to AI advances, but to the business model of the internet—surveillance capitalism—which produces troves of data about all of us, available for purchase from data brokers.

Phishing

Phishing Scams Internet Internet

The Best 10 Vendor Risk Management Tools

Centraleyes

MARCH 25, 2024

Let’s discuss an acronym reshaping the business world: Vendor Risk Management , or VRM. With supply chains extending across multiple regions and involving numerous third-party vendors, organizations face unprecedented challenges in managing vendor risks effectively. What risks are you facing?

Risk

Risk Data collection Architecture Government

Senators Urge FTC to Probe ID.me Over Selfie Data

Krebs on Security

MAY 18, 2022

for “deceptive statements” the company and its founder allegedly made over how they handle facial recognition data collected on behalf of the Internal Revenue Service , which until recently required anyone seeking a new IRS account online to provide a live video selfie to ID.me. ” As Cyberscoop reported on Apr.

Government

Government Accountability Surveillance Data collection

DCAP Systems: Protecting Your Data with Advanced Technology

SecureWorld News

APRIL 30, 2023

DCAP can be seen as an intelligent security instrument that provides off-the-shelf data protection technologies, implementing a new approach to solving an important and necessary task. They analyze user accounts, files and their contents, access rights, data movements, and also identify violations. In particular.

Technology

Technology Unstructured Data Data breaches Information Security

New streaming ad technology plays hide-and-seek with gamers

Malwarebytes

OCTOBER 27, 2022

Let’s take a look at how advertising has been used in an Amazon gaming title previously, and see how that could create a frosty reception for any new ad technology. Even so, it seems more varied types of ad presentations were required to lower the risk of turning people away from streaming or watching altogether.

Technology

Technology Advertising Marketing Retail

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

IT Security Guru

AUGUST 7, 2024

The insurance industry is experiencing a significant transformation fuelled by the ubiquity of digital technologies. Additionally, by respecting individual preferences and giving them control over their data, businesses can foster better relationships with their users and show their commitment to privacy and data protection.

Insurance

Insurance Data collection Authentication Technology

“We will hold them accountable”: General Motors sued for selling customer driving data to third parties

Malwarebytes

AUGUST 20, 2024

GM collected scores of data points from consumers about their driving habits and monetized that data by selling it on to other commercial parties. The driving data collected and sold by GM included trip details like speed, seatbelt status, and driven distance.

Insurance

Insurance Accountability Data collection Surveillance

Cybersecurity Weekly Update – 24 February 2025

Security Boulevard

FEBRUARY 23, 2025

Home Office Contractor's Data Collection Sparks Privacy Concerns The Home Office faces scrutiny after revelations that its contractor, Equifax, collected data on British citizens while conducting financial checks on migrants applying for fee waivers.

Cybersecurity

Cybersecurity Government Data collection Encryption

ICFR Best Practices: How to Design and Maintain Strong Financial Controls

Centraleyes

APRIL 17, 2025

For example, requiring managerial approval for large transactions or implementing strict system access restrictions ensures that risks are mitigated at the outset. If controls are applied haphazardly, poorly monitored, or lack standardization, financial reporting risks still persist. Where Does COSO Fit In?

Risk

Risk Technology Accountability Cybersecurity

How boards can manage digital governance in the age of AI

BH Consulting

MARCH 26, 2025

If there is one statistic that sums up the increasing pace of technological change, it might well be this. This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. How should boards approach digital risks?

Government

Government Artificial Intelligence Risk Digital transformation

AI Governance

Centraleyes

MAY 27, 2024

While many official assessments focus on helping developers secure AI systems, our assessment provides a tailored approach for users of these AI technologies, as well as in-house developers. The AI Governance assessment is a highly valuable tool to enhance AI governance and risk management practices within the organization.

Government

Government Risk Technology Data collection

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Security Affairs

NOVEMBER 6, 2024

The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s s operations in Canada through the establishment of TikTok Technology Canada, Inc. s establishment of TikTok Technology Canada Inc.

Government

Government Mobile Media Technology

Clarifying CAASM vs EASM and Related Security Solutions

NetSpi Executives

NOVEMBER 6, 2024

But with names like CAASM, EASM, and DRPS, plus their overlapping or complementary capabilities, it can be a lot of work to understand how they differ, and which technologies are right for you. They can then prioritize remediation efforts, focusing on the assets that pose the greatest risk to the organization.

Risk

Risk Technology Penetration Testing Cyber threats

IATA Cyber Regulations

Centraleyes

DECEMBER 11, 2024

Recent amendments have focused on addressing vulnerabilities linked to digital transformation in aviation, such as the use of cloud technologies and IoT devices. These include: Cybersecurity Risk Assessment: Organizations must perform a comprehensive risk assessment to identify potential vulnerabilities in their operations.

Risk

Risk Cybersecurity Penetration Testing Digital transformation

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

The Last Watchdog

NOVEMBER 21, 2018

International regulations have also played a significant role in the privacy discussion, specifically following enforcement of the GDPR (General Data Privacy Regulation) in the European Union (EU). At the forefront of privacy-law related issues are very visible and widely used big technology companies. If the U.S.

Data privacy

Data privacy Data collection Big data Government

Supply Chain Security 101: An Expert’s View

Krebs on Security

OCTOBER 12, 2018

— had allegedly inserted hardware backdoors in technology sold to a number of American companies. Sager said he hadn’t heard anything about Supermicro specifically, but we chatted at length about the challenges of policing the technology supply chain. The attacker in this case has a risk model, too. TS: Exactly.

Computers and Electronics

Computers and Electronics Internet Internet Technology

SOC Technology Failures?—?Do They Matter?

Security Boulevard

DECEMBER 10, 2021

SOC Technology Failures?—?Do Most failed Security Operations Centers (SOCs) that I’ve seen have not failed due to a technology failure. Let’s stick to mostly technology focused failures. An astute reader will notice that in the list below, some of the purported technology failures are really process failures in disguise.

Technology

Technology CISO Data collection Threat Detection

FTC finds social media and video streaming services engaged in vast surveillance of consumers

Malwarebytes

SEPTEMBER 20, 2024

The conclusions seemed to upset the FTC, but we weren’t even mildly surprised: “The amount of data collected by large tech companies is simply staggering. The technology powering this ecosystem took place behind the scenes and out of view to consumers, posing significant privacy risks.

Surveillance

Surveillance Media Data collection Advertising

Taking Control Online: Ensuring Awareness of Data Usage and Consent

Security Affairs

SEPTEMBER 17, 2024

The report provides insights into factors influencing user consent for data collection and usage and reasons for consumer disengagement. Consumers want detailed control over their information and the flexibility to adjust their consent based on various factors, such as the context of the interaction or perceived risks of data misuse.

Data collection

Data collection Data privacy B2B Digital transformation

Mapping Secure Endpoint (and Malware Analytics) to NIST CSF Categories and Sub-Categories

Cisco Security

JULY 5, 2021

IDENTIFY – Risk Assessment (vulnerabilities identified; threat intelligence received; threats identified; threats, vulnerabilities and impacts to determine risk). This enables quick transition from analysing a threat in Malware Analytics to searching for hosts that is at risk in the environment. 3 and ID.RA-5] 2 and ID.RA-3]

Malware

Malware Risk Mobile Technology

Privacy issues in smart cities – Lessons learned from the Waterfront Toronto – Sidewalks project

Privacy and Cybersecurity Law

JUNE 29, 2020

The experience made clear that no smart city can proceed without social license and that there is no social license without addressing privacy risks. Risk #1: Surveillance both from the State and surveillance capitalism. Digital solutions generally create the risk of law enforcement access to the data they collect.

Surveillance

Surveillance Data collection Risk Data breaches

A Pandora's Box: Unpacking 5 Risks in Generative AI

Thales Cloud Protection & Licensing

APRIL 17, 2024

A Pandora's Box: Unpacking 5 Risks in Generative AI madhav Thu, 04/18/2024 - 05:07 Generative AI (GAI) is becoming increasingly crucial for business leaders due to its ability to fuel innovation, enhance personalization, automate content creation, augment creativity, and help teams explore new possibilities.

Risk

Risk Data collection Artificial Intelligence Accountability

A Pandora’s Box: Unpacking 5 Risks in Generative AI

Security Boulevard

APRIL 17, 2024

A Pandora's Box: Unpacking 5 Risks in Generative AI madhav Thu, 04/18/2024 - 05:07 Generative AI (GAI) is becoming increasingly crucial for business leaders due to its ability to fuel innovation, enhance personalization, automate content creation, augment creativity, and help teams explore new possibilities.

Risk

Risk Data collection Artificial Intelligence Accountability

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Let’s explore what to expect from the upcoming regulations, provide insights into critical federal and state laws, and offer practical compliance and risk management strategies. Cybersecurity laws and regulations encompass a range of legal requirements designed to protect information systems and data from cyber threats.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

NIST Report Highlights Rising Tide of Threats Facing AI Systems

SecureWorld News

JANUARY 17, 2024

As adoption accelerates, so too do emerging cybersecurity risks. National Institute of Standards and Technology (NIST). The report maps out a detailed taxonomy of current adversarial threats to AI systems across different modalities such as computer vision, natural language processing, speech recognition, and tabular data analytics.

Artificial Intelligence

Artificial Intelligence Data collection Architecture Healthcare

Cybercriminals Are Targeting AI Conversational Platforms

Security Affairs

OCTOBER 9, 2024

Conversational AI platforms are designed to facilitate natural interactions between humans and machines using technologies like Natural Language Processing (NLP) and Machine Learning (ML). Bots can collect valuable data from user interactions, which can be analyzed to gain insights into customer preferences and behaviors.

Social Engineering

Social Engineering Risk Identity Theft Technology

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

How threat actors can use generative artificial intelligence?

Webinars

Trending Sources

GUEST ESSAY: Privacy risks introduced by the ‘metaverse’ — and how to combat them

Webinars

Web 3.0 Requires Data Integrity

Cloudy with Strategic Technology Macro Trends on the Horizon

Your location or browsing habits could lead to price increases when buying online

LLM Summary of My Book Beyond Fear

On Surveillance in the Workplace

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

On Chinese "Spy Trains"

OpenAI Is Not Training on Your Dropbox Documents—Today

Cyber Playbook: Information Technology vs Operational Technology – How to Leverage IT to Secure Your OT Systems

Emerging security challenges for Europe’s emerging technologies

5G Security

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

All enterprises are at risk of mobile attacks says Check Point Software Technologies

LLMs and Phishing

The Best 10 Vendor Risk Management Tools

Senators Urge FTC to Probe ID.me Over Selfie Data

DCAP Systems: Protecting Your Data with Advanced Technology

New streaming ad technology plays hide-and-seek with gamers

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

“We will hold them accountable”: General Motors sued for selling customer driving data to third parties

Cybersecurity Weekly Update – 24 February 2025

ICFR Best Practices: How to Design and Maintain Strong Financial Controls

How boards can manage digital governance in the age of AI

AI Governance

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Clarifying CAASM vs EASM and Related Security Solutions

IATA Cyber Regulations

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

Supply Chain Security 101: An Expert’s View

SOC Technology Failures?—?Do They Matter?

FTC finds social media and video streaming services engaged in vast surveillance of consumers

Taking Control Online: Ensuring Awareness of Data Usage and Consent

Mapping Secure Endpoint (and Malware Analytics) to NIST CSF Categories and Sub-Categories

Privacy issues in smart cities – Lessons learned from the Waterfront Toronto – Sidewalks project

A Pandora's Box: Unpacking 5 Risks in Generative AI

A Pandora’s Box: Unpacking 5 Risks in Generative AI

2024 Cybersecurity Laws & Regulations

NIST Report Highlights Rising Tide of Threats Facing AI Systems

Cybercriminals Are Targeting AI Conversational Platforms

Stay Connected