There is an ever-increasing breadth in the types of targets of data breaches in 2021. Extracting and exposing individuals’ sensitive personal data that is key to large brand and government trust remains the most prevalent vulnerability. In June, targeted industries, tech companies, and known organizations across the world stand out …
While attention has been turned this last month to crises such as the Delta variant and Afghanistan, cyber attacks continue their relentless hits on sensitive data. From healthcare to tech, politics to education, no industry was safe from hackers and threats. Data Security Health Checkup Protected health information (PHI) is …
In September, personal data found in incidents discovered worldwide—some taking advantage of the most vulnerable communities and individuals—was found, posted, and made available for sale seemingly in every region. Conservatively calculated, hundreds of millions of people’s personal information was exposed. It’s impossible to even report on the totality of the …
When we look at how companies approach getting their PCI DSS report on compliance (ROC), we find it is typically handled as a “project.” Often this “project” (or group of “projects”) is signed off on by the C-suite. Next comes vendor selection, choosing a group from the Big Four accounting …
There are an estimated 4.03 billion people around the world who use email. And even considering the advent of multiple other collaboration tools, large portions of the business world are still managed completely—and not always securely—through email communication. Cyberattacks also often target businesses through email. In 2019, 88 percent of …
As compliance laws get stricter and data breaches become more common, the methods companies use to obtain consumer data for their business purposes are under more scrutiny than ever before. Privacy laws would have consumers believe that every organization is committed to collecting data in purely ethical ways. But some …
It seems like just yesterday I was blogging about the latest state data privacy law, Virginia’s Consumer Data Protection Act (CDPA), and already there’s a new one to discuss. On June 8, 2021, the Colorado legislature officially passed the Colorado Privacy Act (CPA). The state Senate also voted unanimously to adopt …
The California, Virginia, and Colorado state privacy laws that have been recently passed are drawing some much needed attention to consumers’ rights when it comes to their data. It’s true that some consumers have the right to request that their data be deleted from certain companies. But what is that …
After what feels like a long time coming (in fact, PKWARE first blogged about this in January 2020), PCI DSS 4.0 is now currently slated for release in Q1 of 2022. The final drafts have been completed and the PCI SSC (PCI Standards Security Council) is currently working on supporting …
The recent proliferation of high-profile ransomware attacks proves that threat actors are not slowing down, and they don’t care who they attack in the search of a big pay day. It’s more important than ever that companies, large or small, are prepared to handle a cyber-attack, in the event their …
