Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when when drawing conclusions about high-profile cyber attacks.
The General Data Privacy Regulation (GDPR) seems to already be having a positive effect on the state of cybersecurity in Europe less than seven months after it was enacted, showing that policy indeed can have a direct effect on organizations’ security practices, security researchers said.
A massive database holding more than 114 million records of U.S. citizens and companies was discovered sitting online unprotected due to misconfigured search, a data leak that is estimated to affect about 83 million people.
Podcast: Play in new window | Download (Duration: 33:08 — 37.9MB) | EmbedSubscribe: Android | Email | Google Podcasts | RSSThis episode of The Security Ledger Podcast (#93) was sponsored by Keysight Technologies, a leading technology company that helps enterprises, service providers, and governments accelerate innovation to connect and secure the world. Check them out at Keysight.com. In this episode: with the May 25th go-live date of the EU General Data Privacy Regulation (GDPR) just around the corner, we talk with Cisco Chief Privacy Officer Michelle Dennedy about her expectations for the May 25th deadline and what lies beyond it. Also: with the 2018 RSA Conference now in the history books, we invited Steve McGregory, the Senior Director of Application and Threat Intelligence at Ixia in to talk about his big takeaways from the show. Steve also weighs in on one of the big trends this year: machine learning.
The European Union (EU) wants to send a clear message to companies that it’s serious about data privacy, suggesting it will still slap fines on data breaches that happen even before the EU General Data Protection Regulation (GDPR) takes effect in late May if companies don’t disclose them first.