The General Data Privacy Regulation (GDPR) seems to already be having a positive effect on the state of cybersecurity in Europe less than seven months after it was enacted, showing that policy indeed can have a direct effect on organizations’ security practices, security researchers said.
In the latest Security Ledger podcast, we analyze the breach of Deloitte by talking to two people who spend a lot of time judging the security of firms by how they look to the outside world. Dan Tentler of the firm Phobos Group tells us what he found out about Deloitte doing some fast and dirty open source research. Also: we talk to Stephen Boyer of the firm BitSight about a new study that firm did of the gap between the security readiness of financial services firms and the third-party software supply chain they rely on.
In-brief: The U.S. Chamber of Commerce has released guidelines for the use of cyber security ratings – a kind of “credit score” that will allow consumers and other businesses to assess the trustworthiness of organizations they do business with.
In-brief: data from the firm BitSight finds a link between outdated web browser and operating system software and headline-grabbing breaches. Are we surprised?
In-brief: Researchers at Anubis Networks claim that Necurs, one of the world’s largest botnets, has added a feature for launching denial of service attacks.
