The SANS Institute’s Securing the Human blog has a nice, contributed article by Kelli Tarala of Enclave Security on the security and privacy implications of wearable technology. Among Tarala’s conclusions: health and so-called “quantified self” products do much more than gather health data like pulse and blood pressure. Rather: they are omnivores, gobbling up all manner of metadata from users that can be used to buttress health data. That includes who you exercise with, favorite walking- and jogging routes and the times you prefer to work out. Of course, social media activity is also subject to monitoring by these health apps, which often integrate with platforms like Facebook, Twitter and Pinterest to share workout information. [Read more Security Ledger coverage of wearable technology here.] All of this could spell trouble for consumers. To quote Tarala: “there are companies interested in your Quantified Self, but their goals may not be to health related.” […]
Search Results for "Point of Sale"
In this Spotlight Podcast, sponsored by The Trusted Computing Group, we speak with Matthew Areno, a Principal Engineer in the Intel Product Assurance and Security (IPAS) group about the fast-changing landscape of cyber threats including attacks on hardware and software supply chains.
U.S. providers should be “on alert” for an increase in payments fraud experts warn. The European Union’s (EU’s) new Payment Services Directive (PSD2) raises the bar for security and may cause cybercriminals to focus on targets in this country.
Podcast Episode 123: HaveIBeenPwned’s Troy Hunt on Marriott’s Big Mess and GreatHorn on the Asymmetric Threat of Email
Thanks to our friends at GreatHorn for sponsoring this week’s podcast. In this episode of the Podcast, # 123: Troy Hunt, the founder of HaveIBeenPwned.com joins us to talk about Marriott International’s big mess: a breach of Starwood Hotels’ reservation system that revealed information on half a billion (with a “B”) guests. And, in our second segment: you’ve heard of Business Email Compromise attacks but what about Business Service Impersonation scams? In our second segment we speak with Kevin O’Brien the CEO and co-founder of GreatHorn about using machine learning to defend against asymmetric messaging threats.
The Marriott breach underscores how companies fail to price in the risk of poor data security. In the age of GDPR, that could be an expensive failure.