Tag: GDPR
-
Three Keys to Modernizing Data Security: DSPM, AI, and Encryption
by
in SecurityNews
Tags: access, ai, automation, best-practice, business, cloud, compliance, container, control, cyber, cybercrime, data, data-breach, detection, encryption, GDPR, incident response, infrastructure, privacy, regulation, risk, saas, security-incident, skills, software, strategy, threat, tool, vulnerabilityThree Keys to Modernizing Data Security: DSPM, AI, and Encryption andrew.gertz@t“¦ Tue, 01/21/2025 – 14:56 Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over…
-
GDPR Fines Total Euro1.2bn in 2024
by
in SecurityNewsData from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching Euro1.2bn First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gdpr-fines-total-2024/
-
European Court Fines European Commission for GDPR Violation
by
in SecurityNewsTransfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
-
Court orders European Commission to pay its first-ever GDPR fine
by
in SecurityNewsA German citizen will receive Euro400 from the European Commission for a violation of the General Data Privacy Regulation (GDPR), the first time the EU’s executive arm will pay such a fine.]]> First seen on therecord.media Jump to article: therecord.media/european-commission-pays-gdpr-fine-german-citizen
-
The biggest data breach fines, penalties, and settlements so far
by
in SecurityNews
Tags: access, apache, attack, breach, business, china, ciso, communications, compliance, control, credentials, credit-card, cyberattack, cybercrime, cybersecurity, data, data-breach, email, finance, flaw, framework, GDPR, google, hacker, Hardware, identity, Internet, law, leak, linkedin, microsoft, mobile, monitoring, network, office, phone, privacy, regulation, risk, service, software, technology, tool, training, update, vulnerabilitySizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data.Hit with a $ 1.3 billion fine for unlawfully transferring personal data from the European Union to the US, Meta tops the list of recent big-ticket sanctions, with one…
-
How a Global Insurer Protects Customer Data Achieves Compliance With DataDome
by
in SecurityNewsDiscover how a global insurance leader leverages DataDome to protect endpoints from sophisticated bots, achieve GDPR compliance, block brute-force attacks, and gain actionable threat insights. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/how-a-global-insurer-protects-customer-data-achieves-compliance-with-datadome/
-
Volkswagen massive data leak caused by a failure to secure AWS credentials
by
in SecurityNewsA failure to properly protect access to its AWS environment is one of the root causes of the recent massive Volkswagen data leak, according to a presentation on the incident at the Chaos Computer Club on Dec. 27.But the security analyst who helped expose the leak said the $351 billion car manufacturer violated its own…
-
Italy Fines OpenAI Euro15 Million for ChatGPT GDPR Data Privacy Violations
by
in SecurityNewsItaly’s data protection authority has fined ChatGPT maker OpenAI a fine of Euro15 million ($15.66 million) over how the generative artificial intelligence application handles personal data.The fine comes nearly a year after the Garante found that ChatGPT processed users’ information to train its service in violation of the European Union’s General Data Protection Regulation (GDPR).The…
-
Netflix Fined Euro4.75 Million Over GDPR Transparency Issues
by
in SecurityNewsNetflix has been hit with a Euro4.75 million fine by the Dutch Data Protection Authority (DPA). The fine stems from the company’s failure to clearly explain its data practices to users between 2018 and 2020″, highlighting a key issue that has been in the spotlight ever since the GDPR was introduced. What Went Wrong? The…
-
EU Opens Door for AI Training Using Personal Data
by
in SecurityNewsThe EU Data Protection Board (EDPB) published a long-awaited opinion on how GDPR should apply to AI models First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/edpb-ai-training-personal-data/
-
European authorities say AI can use personal data without consent for training
by
in SecurityNewsThe European Data Protection Board (EDPB) issued a wide-ranging report on Wednesday exploring the many complexities and intricacies of modern AI model development. It said that it was open to potentially allowing personal data, without owner’s consent, to train models, as long as the finished application does not reveal any of that private information.This reflects…
-
Dutch DPA Fines Netflix Euro4.75 Million for GDPR Violations Over Data Transparency
by
in SecurityNewsThe Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix Euro4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020.An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy…
-
In potential reversal, European authorities say AI can indeed use personal data, without consent, for training
by
in SecurityNewsThe European Data Protection Board (EDPB) issued a wide-ranging report on Wednesday exploring the many complexities and intricacies of modern AI model development. It said that it was open to potentially allowing personal data, without owner’s consent, to train models, as long as the finished application does not reveal any of that private information.This reflects…
-
Meta Hit with Massive $263m GDPR Fine
by
in SecurityNewsThe Irish Data Protection Commission has fined Meta $263m for a 2018 data breach impacting 29 million Facebook accounts First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/meta-hit-with-massive-263m-gdpr/
-
Meta fined $263 million for alleged GDPR violations that led to data breach
by
in SecurityNewsIreland’s data privacy regulator said it was levvying the fine for data security failures that led to information on about 29 million Facebook users being exposed.]]> First seen on therecord.media Jump to article: therecord.media/meta-fined-263-million-gdpr-violations-data-breach
-
3 Common GDPR Challenges and How to Overcome Them
by
in SecurityNewsPractical tips for GDPR compliance Responsible for data protection and EU GDPR (General Data Protection Regulation) compliance? Chances are you’ve come across these 3 common challenges: Data privacy trainer Andy Snow hears about these challenges a lot, having trained over 4,000 people on the GDPR. Here are his practical tips for overcoming them. In this…
-
Gen AI use cases rising rapidly for cybersecurity, but concerns remain
by
in SecurityNews
Tags: ai, attack, automation, awareness, ceo, ciso, compliance, control, cybersecurity, data, detection, finance, framework, fraud, GDPR, governance, grc, group, guide, Hardware, HIPAA, incident response, intelligence, international, malware, middle-east, monitoring, phishing, privacy, RedTeam, regulation, risk, risk-assessment, risk-management, soc, software, strategy, technology, threat, tool, training, usaGenerative AI is being embedded into security tools at a furious pace as CISOs adopt the technology internally to automate manual processes and improve productivity. But research also suggests this surge in gen AI adoption comes with a fair amount of trepidation among cybersecurity professionals, which CISOs must keep in mind when weaving gen AI…
-
‘White FAANG’ Data Export Attack: A Gold Mine for PII Threats
Websites these days know everything about you, even some details you might not realize. Hackers can take advantage of that with a sharp-toothed attack that exploits Europe’s GDPR-mandated data portability rules. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/white-faang-data-export-attack-pii-threats
-
KI-gestützte Lösung zur Verbesserung der Patientenversorgung in Senioren- und Pflegeeinrichtungen
by
in SecurityNewsDie -Lösung von Kepler Vision Technologies und Mobotix hat diese Woche ein wichtiges Upgrade erhalten. Der Mobotix-c71-Smart-Sensor erkennt jetzt Verhaltensanomalien genauer und verbessert die Genauigkeit, wodurch Fehlalarme reduziert werden. Die Nurse-Assist-Sensoren sind weiterhin GDPR- und HIPAA-konform, was die Privatsphäre der Patienten und Bewohner schützt und ihre Sicherheit gewährleistet. Nach der erfolgreichen Einführung von Nurse-Assist, der…
-
Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams
by
in SecurityNewsNextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/03/nextcloud-talk-open-source-microsoft-teams-alternative/
-
Why identity security is your best companion for uncharted compliance challenges
by
in SecurityNews
Tags: access, ai, attack, authentication, automation, business, cloud, compliance, control, cyberattack, cybersecurity, data, detection, exploit, finance, framework, GDPR, governance, government, healthcare, HIPAA, identity, india, law, least-privilege, mitigation, monitoring, privacy, regulation, risk, risk-management, service, strategy, supply-chain, technology, threat, tool, zero-trustIn today’s rapidly evolving global regulatory landscape, new technologies, environments, and threats are heightening cybersecurity and data privacy concerns. In the last year, governing bodies have taken significant steps to enact stricter compliance measures”, and more than ever, they are focusing on identity-related threats.Some notable changes include: The National Institute of Standards and Technology (NIST)…
-
CIO POV: Building trust in cyberspace
by
in SecurityNews
Tags: access, ai, attack, best-practice, business, cio, cisa, cloud, cyber, data, deep-fake, encryption, framework, GDPR, group, identity, infrastructure, intelligence, Internet, mfa, mitre, nist, privacy, regulation, resilience, risk, service, software, strategy, technology, threat, tool, update, windowsTrust lies at the heart of every relationship, transaction, and encounter. Yet in cyberspace”, where we work, live, learn, and play”, trust can become elusive.Since the dawn of the internet nearly 50 years ago, we’ve witnessed incredible digital transformations paired with increasingly formidable threats. Knowing who and what to trust has become so difficult that…
-
Can You Transfer Data to the US Under the GDPR?
by
in SecurityNewsThe Data Privacy Framework, standard contractual clauses, and binding corporate rules The EU GDPR (General Data Protection Regulation) is strict about international data transfers EU residents’ personal data may not leave the EU or EEA unless an appropriate safeguard is in place. What are the most common safeguards US organizations can expect EU organizations to…
-
Increased GDPR Enforcement Highlights the Need for Data Security
by
in SecurityNewsGDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protection has never been more critical. With regulators around the world intensifying scrutiny, companies are facing increasing pressure to comply with stringent data protection laws. The latest…
-
Does the GDPR Apply to American Organizations?
by
in SecurityNewsGDPR scope, applicability, and key requirements Does the EU GDPR (General Data Protection Regulation) apply in the US? Yes, if your organization offers goods or services to, or monitors the behavior of, EU residents, irrespective of their citizenship. Equally, the EU GDPR doesn’t apply to US residents or customers, even if they’re EU citizens. The…
-
TikTok Pixel Privacy Nightmare: A New Case Study
by
in SecurityNewsAdvertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers with ads on the popular…