Information security laws, investigations and ethics news, help and research

Information security laws, investigations and ethics News

July 22, 2021 22 Jul'21
US Senate mulling bill on data breach notifications

The Senate Intelligence Committee introduced a bill that would require federal agencies and companies providing critical infrastructure to report network breaches to DHS.
July 21, 2021 21 Jul'21
U.K. man arrested in connection with 2020 Twitter breach

A 22-year-old U.K. resident was arrested in Spain and will face extradition on charges related to a social engineering operation that netted big-name Twitter accounts.
July 19, 2021 19 Jul'21
US charges members of APT40, Chinese state-sponsored group

The Department of Justice accused four Chinese nationals of hacking into a variety of businesses between 2011 and 2018 to steal trade secrets and other valuable data.
June 30, 2021 30 Jun'21
European police lay siege to hacker haven DoubleVPN

An international law enforcement operation shut down DoubleVPN, a Dutch-hosted service that had provided low-cost, underground anonymizing services to cybercriminals.

Bring yourself up to speed with our introductory content

cyberterrorism

According to the U.S. Federal Bureau of Investigation, cyberterrorism is any 'premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by ... Continue Reading
National Security Agency (NSA)

The National Security Agency (NSA) is a federal government intelligence agency that is part of the United States Department of Defense and is managed under the authority of the director of national intelligence (DNI). Continue Reading
cyberextortion

Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

CMMC requirements set to ripple throughout DOD supply chain

The Department of Defense's CMMC requirements target defense contractors, but organizations throughout the DOD supply chain -- and beyond -- are prepping for the standards. Continue Reading
The future of facial recognition after the Clearview AI data breach

The company that controversially scrapes data from social media sites for law enforcement clients announced a data breach. What does it mean for the future of facial recognition? Continue Reading
How the future of data privacy regulation is spurring change

Some companies have taken steps to improve data governance in anticipation of data privacy rules. Experts discuss the challenges of compliance in a shifting regulatory landscape. Continue Reading

Learn to apply best practices and optimize your operations.

How to handle social engineering penetration testing results

In the wake of conducting social engineering penetration testing, companies need to have a plan ready to prevent or minimize phishing, vishing and other attacks. Continue Reading
How to ethically conduct pen testing for social engineering

Author Joe Gray explores his interest in pen testing for social engineering, what it means to be an ethical hacker and how to get started in the career. Continue Reading
Updating the data discovery process in the age of CCPA

Privacy regulations are changing the enterprise data discovery process. Now, automation is key for fulfilling data discovery mandates, including those for CCPA and GDPR. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to create a ransomware incident response plan

The increase in recent attacks makes clear the need for a ransomware incident response plan. Here's how to limit the effect of such attacks, as well as what to do if infected. Continue Reading
What are the roles and responsibilities of a liaison officer?

While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them critical to incident response. Continue Reading
CISO tackles banking cybersecurity and changing roles

Over the course of his career in security, Thomas Hill has held varied positions that inform his views on both technological specifics and strategic roles in modern corporations. Continue Reading