Security Boulevard

via the comic humor & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘T. Rex Evolution’ appeared first on Security Boulevard.

Cary, NC, Jan. 26, 2025, CyberNewswire — INE Security, a leading global provider of cybersecurity training and certifications, today announced a new initiative designed to accelerate compliance with the Department of Defense’s (DoD) newly streamlined Cybersecurity Maturity Model Certification … (more…)

The post News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance first appeared on The Last Watchdog.

The post News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance appeared first on Security Boulevard.

by Source Defense Ensuring compliance with PCI DSS 4.0, specifically requirements 6.4.3 and 11.6.1, is not just about meeting regulations—it’s about securing your customers’ trust and protecting your brand from emerging threats like Magecart and eSkimming. Achieving this requires more than just technology; it requires a trusted partner who can navigate the complexities of compliance.

The post Finding the Right Partner for PCI DSS 4.0.1 Compliance: Requirements 6.4.3 and 11.6.1 appeared first on Source Defense.

The post Finding the Right Partner for PCI DSS 4.0.1 Compliance: Requirements 6.4.3 and 11.6.1 appeared first on Security Boulevard.

Author/Presenter: Lacey Harbour

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – 3DU Homo ex Machina appeared first on Security Boulevard.

Exabeam has extended the reach of its generative artificial intelligence (GenAI) capabilities to its LogRhythm security information event management platform which is designed to be deployed by internal IT teams.

The post Exabeam Extends Generative AI Reach to LogRhythm SIEM appeared first on Security Boulevard.

Ultimately, the goal of the autonomous SOC is to create a more efficient and effective security environment where human analysts and AI work together to achieve a higher level of security than either could achieve alone. Working together, each improves the other.

The post Humans are the Beating Heart of the Autonomous SOC appeared first on Security Boulevard.

Asset awareness is the first step in understanding your complete security posture. If you don’t know what assets you own, how can you protect them? 

The post Do You Know What Your Assets Are?  appeared first on Security Boulevard.

A modern EASM solution offers more by incorporating meaningful first-party and third-party cyber risk insights than conventional TPRM solutions.

The post Are Third-Party Risk Management Solutions Effective Enough?   appeared first on Security Boulevard.

Data Privacy Day 2025: A Chance to Take Control of Your Data
madhav
Mon, 01/27/2025 - 09:19

Trust is the cornerstone of every successful relationship between businesses and their customers. On this Data Privacy Day, we reflect on the pivotal role trust plays in the digital age. It’s earned not just through excellent products or services but also through a steadfast commitment to protecting the data consumers share.

When businesses take control of their data practices—prioritizing transparency, security, and compliance—they send a powerful message: "We value your privacy." By championing data privacy, organizations don’t just meet regulatory obligations; they build enduring loyalty, ensuring customers feel secure in every interaction. After all, trust begins with safeguarding what matters most.

The Biggest Challenge in Security Today: Data Sovereignty

Data privacy is contextualized by the principle of data sovereignty, the idea that data is governed by the laws of the country in which it originated. This has the potential to help or hinder data privacy. Still, in general, regulations have been vastly in favor of consumer-leaning data privacy rights and the responsibility of organizations to keep private data safe.

However, the game is changing as companies ingest data to power their AI models. In the wake of breakneck advancements like Generative AI, the cement has yet to harden on the correct governance of these policies, leaving data privacy in the lurch as questions of data sovereignty are being settled – even as companies continue to move ahead.

A Thales recent report, Data Sovereignty: Who Owns Your Data and Can You Control It?, states, “The dominance of a small number of large technology companies is considered the driving force fueling the urgency of addressing data sovereignty.” Because data is today’s oil, and power follows money, the companies that own the data wield a proportionate amount of power. In the words of the report, “These companies control vast quantities of user data, giving them considerable influence over privacy, data protection, and the digital environment.” This is why coming up with answers to pressing data sovereignty issues is “not just a legal obligation but a strategic necessity for businesses.”

While the advent of AI in this space could be perceived as a challenge to data privacy, the attention it draws to the topic is also a timely boon. Although it raises the issue, the data privacy problem needs to be addressed, and it ties directly into the question of “Who controls your data?”

As companies strive to comply with compliance guidelines, maintaining proper data control is arguably the most important focus of all strategic security initiatives. Not only is it essential in a legal context, but it is also vastly important to consumers.

Consumers Do Business With Organizations That Protect Their Privacy

It is no surprise that today’s consumers want to establish business with companies that share their position on how data should be valued, protected, and preserved. Chris Harris, Thales Associate VP, Sales Engineering, noted, “Data privacy remains as a key factor in our perception of whether or not to trust a company.” Within a professional context, trust means business.

In the Thales 2024 Digital Trust Index, “The majority [of respondents] (89%) would consent for organizations to use their data – but only if certain caveats are met.” In other words, you can use my data, but on my terms. Given the fact that consumers’ data is the inroads into their lives (and they know what it’s worth), this attitude only makes sense.

That means that companies who want to stay competitive need to play ball. It is no longer an option to keep users in the dark about where their data is going (not in the compliance world, and not in the intangible world of customer satisfaction). Today, “as many as 87% of consumers also expect basic levels of data privacy to be met,” and they don’t want to suffer for it; more than a fifth (22%) will give up within sixty seconds if they encounter frustrating privacy-promoting practices like password resets and re-entering personal information.

It’s a tough road for companies to walk, but one that they must figure out how to navigate nonetheless if they want to stay at the forefront and give today’s consumers what they want: a frictionless, secure user experience. The right tools must be in place to balance these seemingly contradictory (or at least complicated) demands.

Maintaining Data Control When Odds Stack Against You

Companies wanting to keep that competitive edge (with privacy increasingly being the deciding factor) would do well to invest in data privacy measures, from employee awareness programs and basic data protection hygiene techniques to more advanced protections to maintain the necessary control of their customers’ data.

Thales offers a comprehensive portfolio of products to secure a world powered by applications, data, and digital identities. All these solutions communicate a strong signal, ‘We care about your data and who has access to it.’ Plus, they offer more than just security; they enhance customer experience, removing the friction that would cause individuals to jump ship.

The ability to give users what they want while offering them the privacy they need is a juggling act, but one that organizations are being asked to do in today’s fast-moving, privacy-conscious world. Data Privacy Day 2025 puts a spotlight on these demands, and data privacy tools from Thales can help companies carry them out.

For more in-depth insights on maintaining data control, download our 2024 Data Security Directions Council Report.

Data Security Compliance Cloud Security Schema {
"@context": "https://schema.org",
"@type": "BlogPosting",
"headline": "Data Privacy Day 2025: A Chance to Take Control of Your Data",
"description": "Learn how Data Privacy Day 2025 highlights the importance of transparency, compliance, and trust in protecting customer data. Discover actionable steps to safeguard sensitive information and maintain data control.",
"image": "https://cpl.thalesgroup.com/sites/default/files/content/white-paper/tn/2025-Data-Privacy-Day.webp",
"author": {
"@type": "Organization",
"name": "Thales Group",
"url": "https://cpl.thalesgroup.com"
},
"publisher": {
"@type": "Organization",
"name": "Thales Group",
"description": "The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.",
"url": "https://cpl.thalesgroup.com",
"logo": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",
"sameAs": [
"https://www.facebook.com/ThalesCloudSec",
"https://www.twitter.com/ThalesCloudSec",
"https://www.linkedin.com/company/thalescloudsec",
"https://www.youtube.com/ThalesCloudSec"
]
},
"datePublished": "2025-01-27",
"mainEntityOfPage": "https://cpl.thalesgroup.com/blog/data-security/data-privacy-day-2025",
"dateModified": "2025-01-27"
} basic

The post Data Privacy Day 2025: A Chance to Take Control of Your Data appeared first on Security Boulevard.

Learn how DMARC email security can protect your brand, improve deliverability, and prevent phishing attacks. Get expert advice and best practices.

The post DMARC Email Security: A Guide to Protecting Your Domain  appeared first on Security Boulevard.

In this episode, we discuss the latest issues with data brokers, focusing on a breach at Gravy Analytics that leaked 30 million location data points online. We also explore a vulnerability in Subaru’s Starlink system that allows unrestricted access to vehicle controls and customer data using just a last name and license plate number. Co-host […]

The post Gravy Analytics Breach, Subaru Starlink Vulnerability Exposed appeared first on Shared Security Podcast.

The post Gravy Analytics Breach, Subaru Starlink Vulnerability Exposed appeared first on Security Boulevard.

Is Traditional Cybersecurity Enough in the Age of Automation? Imagine this. You’re in charge of your company’s cybersecurity, and you’ve invested in the best protection money can buy. But a data breach happens, and you’re left wondering where things went wrong. Could the intrusion have been prevented? Is there a better way to safeguard your […]

The post Innovative Approaches to Secrets Scanning appeared first on Entro.

The post Innovative Approaches to Secrets Scanning appeared first on Security Boulevard.

How Crucial is Automated Identity Management in Scaling Security? There’s an ever-increasing need for advanced cybersecurity measures. Organizations, especially those operating in the cloud, can no longer afford to ignore automated identity management as a key part of these precautions. But what does that really entail? And why is it so essential to scaling security? […]

The post Scaling Security with Automated Identity Management appeared first on Entro.

The post Scaling Security with Automated Identity Management appeared first on Security Boulevard.

Why are Non-Human Identities (NHIs) Crucial for Seamless Security? Can you imagine a smooth security system that leaves no stone unturned? Non-human identities (NHIs) and secrets management play a significant role in creating an empowered security strategy, particularly in the cloud environment. NHIs, defined as machine identities in cybersecurity, are the linchpins that control access […]

The post Empowering Cloud Compliance with Seamless Security appeared first on Entro.

The post Empowering Cloud Compliance with Seamless Security appeared first on Security Boulevard.

Learn how to secure your company's digital assets in just 10 minutes a day. This practical guide shows small business owners and startup founders how to manage access, respond to security issues, and handle employee departures efficiently—all without disrupting daily operations.

The post The Small Business Guide to Everyday Access Management and Secure Off-boarding appeared first on Security Boulevard.

Authors/Presenters: Patrick Walsh, Bob Wall

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Attacks On GenAI Data & Using Vector Encryption To Stop Them appeared first on Security Boulevard.

Cary, North Carolina, 26th January 2025, CyberNewsWire

The post INE Security Alert: Expediting CMMC 2.0 Compliance appeared first on Security Boulevard.

Why is Trust-Building Paramount in Cybersecurity? Have you considered how much trust we place in our cyber systems daily? It’s a silent bond we form without realizing it. We trust that our online interactions are secure, that our data is protected, and that breaches are highly unlikely. But, how do businesses and organizations ensure the […]

The post Building Trust with Effective IAM Solutions appeared first on Entro.

The post Building Trust with Effective IAM Solutions appeared first on Security Boulevard.

How Crucial is Comprehensive NHI Management in Ensuring Data Safety? Are we doing all we can to ensure our data’s safety? One answer lies in the comprehensive management of Non-Human Identities (NHIs). As machine identities, these are critical in safeguarding our cloud environment from security threats. Unraveling the Complexities of NHI Management Managing NHIs entails […]

The post Ensuring Data Safety with Comprehensive NHIDR appeared first on Entro.

The post Ensuring Data Safety with Comprehensive NHIDR appeared first on Security Boulevard.

Are Your DevOps Truly Secured? As DevOps continue to streamline the software development process, have you considered how secure your practices truly are? An essential part of the answer lies within the realm of Non-Human Identities (NHIs) and Secrets Management – two integral aspects that can significantly enhance your cybersecurity efforts. Unlocking the Potential of […]

The post Empower Your DevOps with Robust Secrets Security appeared first on Entro.

The post Empower Your DevOps with Robust Secrets Security appeared first on Security Boulevard.