Data security

Five Data Breaches that Put Victims at Greater Risk of COVID-19 Scams

Friday, May 29, 2020 - 3:05pm

The San Francisco fraud prevention and detection technology firm used its proprietary algorithm to analyze more than 1,000 elements of these five data breaches to produce their respective risk ratings.

Key Points: 
  • The San Francisco fraud prevention and detection technology firm used its proprietary algorithm to analyze more than 1,000 elements of these five data breaches to produce their respective risk ratings.
  • According to Van Dyke, not every data breach opens victims up to COVID-19 related scams, or at least not to the same degree.
  • Breach Clarity's analysis revealed that five recently reported data breaches put victimized consumers at greater risk of targeted scams.
  • "While they didn't break into the top five, a number of smaller breaches directly tied to COVID-19 assistance programs pose particularly concentrated risk to victims," added Van Dyke.

Harro Höfliger and Vaxxas Announce Alliance to Develop Industrial-scale Aseptic Processing Line for Vaccine Products Based on Vaxxas’ High Density Microarray Patch (HD-MAP)

Thursday, May 28, 2020 - 8:02pm

Were excited to be working on this project with Harro Hfliger, said David L. Hoey, President and CEO of Vaxxas.

Key Points: 
  • Were excited to be working on this project with Harro Hfliger, said David L. Hoey, President and CEO of Vaxxas.
  • Our novel device design along with our innovative vaccine coating and quality verification technologies are an excellent fit for integration with Harro Hfligers aseptic process automation platforms.
  • Adopting a modular approach, it will be possible to achieve output of tens-of-millions of vaccine-HD-MAP products per week.
  • Vaxxas HD-MAP is a 9x9mm array of thousands of very short (~250m) projections, invisible to the naked eye, coated with vaccine.

Tech Talk with the Regulators – Understanding Anonymization Under the GDPR

Thursday, May 28, 2020 - 9:00pm

The General Data Protection Regulation (GDPR) has already been in existence for four years, and has been in force for two years. How can anonymization techniques under the GDPR help Data Protection Officers (DPOs) assess innovation? I hosted a webinar with Truata that featured experts from DPAs in Italy, Ireland, and the UK to find out more about their perspective. The recording is available here (link to the webinar).  ‘A revision of the 2014 opinion on anonymization techniques is in the working program of the EDPB’ In 2014, the European data protection authorities, assembled in the Article 29 Working Party provided guidance in their opinion on anonymization techniques.

Key Points: 


The General Data Protection Regulation (GDPR) has already been in existence for four years, and has been in force for two years. How can anonymization techniques under the GDPR help Data Protection Officers (DPOs) assess innovation? I hosted a webinar with Truata that featured experts from DPAs in Italy, Ireland, and the UK to find out more about their perspective. The recording is available here (link to the webinar).  

‘A revision of the 2014 opinion on anonymization techniques is in the working program of the EDPB’
    • In 2014, the European data protection authorities, assembled in the Article 29 Working Party provided guidance in their opinion on anonymization techniques.
    • Giuseppe DAcquisto, Senior Technology Advisor at the Italian Data Protection Authority, said that some adjustments to the 2014 guidance are needed because there are unexplored aspects of anonymization in the GDPR: A revision of the 2014 opinion is in the working program of the EDPB.
    • Ultan OCarroll, Deputy Commissioner for Technology and Operational Performance at the Data Protection Commission in Ireland, said: The 2014 opinion is still as valid as it ever was, if not more so.
‘Unexplored aspects of anonymization in the GDPR’
  • D’Acquisto gave three examples where in his view the use of Privacy Enhancing Technologies (PETs) could play a role.
    1. On legitimate interest as a legal ground: “Anonymization techniques can become an element in the balancing test when you want to invoke legitimate interest.”
    2. On public interest as a legal ground: “Public interest is an opportunity when used in combination with national law.” He called on national legislators to explore the possibility of including the use of privacy-enhancing safeguards in laws.
    3. On the secondary, (in)compatible use of personal data for further processing: “Rethinking the 2014 opinion is useful to explore new opportunities for data controllers.”
    • It clarifies Article 6 of the GDPR which stipulates the lawfulness of processing.
    • Recital 50 states that the processing of personal data for purposes other than those for which the personal data were initially collected should be allowed only where the processing is compatible with the purposes for which the personal data were initially collected.
    • DAcquisto stressed that value could be added to data in the interest of the public when applying anonymization techniques as safeguards for our rights and freedoms.
‘Time to focus on privacy risk management’
    • Simon McDougall, Executive Director for Technology Policy and Innovation at the Information Commissioners Office in the UK, said that it is time to focus on privacy risk management: There is a tension between risk management and hard science.
    • They struggle with the concept of residual risk and the question of what risk to accept.
    • He also explained the benefits of a layered approach to privacy risk management, rather than a focus on a single technology.
    • Think of it as a Swiss cheese notion of [stacked] risk management measures, McDougall said.
‘Legal and technical competences are complementary to each other’
    • The broader questions around innovation, sharing of data, and repurposing of data have become particularly important in the context of COVID-19.
    • Accordingly, each of the experts expressed their advice for DPOs given the developments in anonymization technologies.
    • DAcquisto suggested that DPOs should not rely on either legal or technical competence alone.
    • A holistic approach is needed with legal safeguards, technical safeguards, and a path toward compliance.
‘DPOs: do not go alone; get help’
    • DPOs need to get access to scientists and to organizational people, but also to expert advice in terms of social science, cognitive science, interface design, or mathematics, for example.
    • Do not go alone; get help, he said.
    • Its not worth carrying forward without that because youll be asked questions that you may not think about.
    • Instead of thinking this is all incredibly complicated, they should try to understand what the risks are for the individual and the organization.
    • It is possible to keep up with it so you can then have the conversation with the right expert.

OVATION Partners with TRUCE Software to Provide Distracted Driving Solutions to Businesses and Fleets

Thursday, May 28, 2020 - 7:00pm

"The partnership with OVATION enables our customers to activate large scale mobility deployments quickly and efficiently," said Pete Plotas, vice president of global alliances, TRUCE Software.

Key Points: 
  • "The partnership with OVATION enables our customers to activate large scale mobility deployments quickly and efficiently," said Pete Plotas, vice president of global alliances, TRUCE Software.
  • Established in 2009, TRUCE Software is headquartered in Lisle, Illinois with research and development in Baton Rouge, Louisiana.
  • Based outside of Charlotte, North Carolina, OVATION is a privately held company providing global enterprise Managed Mobility Solutions and Unified Endpoint Management.
  • OVATION's reporting tools are GDPR compliant and provide visibility of cost, usage and inventory for companies that utilize wireless carriers globally.

Gartner Names CloudKnox Security a 2020 Cool Vendor in IAM and Fraud Detection

Thursday, May 28, 2020 - 5:00pm

CloudKnox Security , provider of the only cloud permissions management platform for hybrid and multi-cloud environments, today announced it has been named a Cool Vendor in Identity and Access Management and Fraud Detection1 by Gartner.

Key Points: 
  • CloudKnox Security , provider of the only cloud permissions management platform for hybrid and multi-cloud environments, today announced it has been named a Cool Vendor in Identity and Access Management and Fraud Detection1 by Gartner.
  • "We are delighted to be recognized as a Gartner Cool Vendor in IAM and Fraud Detection, as it validates our patented technology innovations and highlights the growing market need for a multi-cloud permissions management solution," said Balaji Parimi, CEO and founder of CloudKnox Security.
  • To download the full Gartner Cool Vendors in Identity and Access Management and Fraud Detection report, visit https://www.gartner.com/doc/3985596?ref=AnalystProfile&srcId=1-4554397745 .
  • [1] Gartner, Cool Vendors in Identity and Access Management and Fraud Detection, Michael Kelley, Jonathan Care, Henrique Teixeira, Felix Gaehtgens, Akif Khan, May 26, 2020.

AttackIQ Announces New Architecture and Products to Help Enterprises Fully Automate Continuous Security Validation and Remediation

Thursday, May 28, 2020 - 1:00pm

To stay ahead of the threat, enterprise security teams need to validate and continually assess that cyber defenses are always optimally configured.

Key Points: 
  • To stay ahead of the threat, enterprise security teams need to validate and continually assess that cyber defenses are always optimally configured.
  • The AttackIQ Informed Defense Architecture (AIDA) enables a transparent and completely manageable attacker kill chain testing methodology.
  • Provides an integrated testing architecture that allows customers to closely emulate threat actor behaviors across the entire adversary kill chain.
  • AttackIQs mission is to help organizations continuously optimize their security programs effectiveness, said Chris Kennedy, CISO and VP of Customer Success, AttackIQ.

Sixgill Feeds Unmatched Threat Intelligence Into Splunk Platform

Wednesday, May 27, 2020 - 5:00pm

TEL AVIV, Israel, May 27, 2020 /PRNewswire/ -- Sixgill , a leading cyber threat intelligence company, today announced that users of Splunk, the Data-for-Everything platform, will have access to Sixgill's Darkfeed, the company's automated stream of indicators of compromise.

Key Points: 
  • TEL AVIV, Israel, May 27, 2020 /PRNewswire/ -- Sixgill , a leading cyber threat intelligence company, today announced that users of Splunk, the Data-for-Everything platform, will have access to Sixgill's Darkfeed, the company's automated stream of indicators of compromise.
  • "It gives unmatched intelligence for maximum performance, and delivers added value through frictionless integration with Splunk."
  • For users of the Splunk Enterprise Security Platform, the integration leverages Sixgill's power to supercharge threat research and incident response with access to real-time threat intelligence.
  • Rich intelligence feeds such as Darkfeed harness Sixgill's unmatched intelligence collection capabilities and deliver real-time intel into organizations' existing security systems to help proactively block threats.

“Father of SSL” and Public-Key Cryptography Co-Inventor Headline Beyond Identity’s Technical Advisory Board

Wednesday, May 27, 2020 - 2:00pm

Beyond Identity replaces passwords with trusted certificates, originally defined in PKC and ubiquitously deployed within TLS (formerly SSL).

Key Points: 
  • Beyond Identity replaces passwords with trusted certificates, originally defined in PKC and ubiquitously deployed within TLS (formerly SSL).
  • Passwords are the bane of everyones existence from consumers to the largest enterprises, said Jermoluk, Co-Founder and CEO of Beyond Identity.
  • And with a global virtual workforce more distributed than ever before, security and identity management have never been more critical.
  • Beyond Identity technical advisory board quotes include:
    Compromised passwords are one of the top causes for data breaches in the digital world today by far.

New Netography Data Collection Agents Enhance Security Posture, Data Privacy and Reduce Mean Time to Resolution

Wednesday, May 27, 2020 - 1:16pm

Security platform provider Netography today announced advanced security and enhanced data privacy capabilities with the release of two new powerful data collection agents .

Key Points: 
  • Security platform provider Netography today announced advanced security and enhanced data privacy capabilities with the release of two new powerful data collection agents .
  • These agents significantly expand network visibility, enable pinpointed data access, and reduce mean time to resolution across an organizations entire network.
  • They also increase security by supporting the use of encrypted data, and enhance privacy with data filtering.
  • Netography is helping security teams improve their security posture and save time by making meaningful data collection easier and more secure, says Barrett Lyon, CEO of Netography.

K2View Further Innovates in Data Management with New Encryption Patent

Wednesday, May 27, 2020 - 1:00pm

This patent represents a new, innovative approach to encryption that provides a more secure method for encrypting data.

Key Points: 
  • This patent represents a new, innovative approach to encryption that provides a more secure method for encrypting data.
  • It is also foundational to how K2View solutions deliver secure and encrypted data management.
  • 10,657,275, Encryption Directed Database Management System and Method, was awarded to K2View on May 19, 2020, and is K2Views second patent.
  • K2View is a leading provider of advanced data fabric, data integration, and data delivery software that takes the promise of a 360-degree view of data to the next level.