Our Thinking

In early 2017, HP invited a group of cybersecurity industry bloggers and podcasters to gather for an HP Print Security “Tech Day” at their headquarters in Palo Alto, CA. The purpose of the gathering was to introduce the group to HP’s printer security program (#reinventsecurity), foster discussion, and get feedback on the program. This event was the precursor to a major marketing campaign for HP to promote everything they’ve been doing in terms of making their printers more secure and also building printers with “cyber resilience”, meaning they have the capacity to detect malicious or accidental actions and even recover from the attacks. HP has worked diligently to improve the security of printers which in turn helps to create a more secure enterprise network.

Password complexity and authentication has always been a subject of contention both for users and system  administrators. Many assume that forcing users to create more complex passwords, and changing them frequently,   will lead to greater system safety - in theory this may be true. Given human nature, things rarely go as planned and research has shown that forcing users to comply with these additional requirements has actually had a detrimental effect on system security.

In Part One of this blog we introduced the California Consumer Privacy Act of 2018 (CCPA) and highlighted some of the important points organizations need to look out for to be compliant. In Part Two we elaborated on the scope of the CCPA in terms of businesses covered and their obligations. In this final part we will discuss how the CCPA will be enforced and what you can do now to become CCPA compliant.

In the first part of this blog series we took a look at the the California Consumer Privacy Act (CCPA) that is coming into effect in January 2020. The implications of being off side with the new regulations are not trivial and apply to more than 500,000 US businesses according to the IAPP - not to mention any business around the world that has the personal data of California businesses and meet the relevant threshold. That is A LOT of businesses. Now how is that possible you ask? Let’s take a closer look at the businesses who will fall under the CCPA’s umbrella come 2020. 

On July 19, Visa posted an important and timely security alert regarding“Chatbots”. In a nutshell, Visa says that due to the rise in online and mobile commerce, AI and chatbots (both text and voice) have become increasingly important to payment system companies to handle increasing call volumes. With that said, Visa goes on to say that they have become aware of attackers targeting these online chat service providers and distributing malware to intercept payment card data.

Privacy and protection of personal information has almost always seemed like it should be a basic human right everywhere in the world, not only in the European Union where it has long been acknowledged as such. Within the last 10 years, however, that notion has been blurred by social media, the rise of online shopping, and subsequently the hacking of just about everything that lives on the Internet. For the longest time people have sort of just accepted this overreach and misuse of their personal information as the price you pay for using the Internet. Sure, maybe they delete Facebook for a while or change their passwords, but now that is starting to seem like it is not enough and governments from around the world are beginning to step in, in a big way.

Hi folks, my name is Tim McCreight and I’m a new member of the Risk, Security & Privacy practice here at Online. I wanted to take this opportunity to introduce myself to a new audience and write about one of my favourite topics in the security industry – Risk!

By now, most of the world has heard about the alarm pertaining to a zombie alert in Lake Worth, Florida.  Do we think that zombies were getting their day in the sun, or could it possibly be that whomever was responsible for writing the power alert application (or for testing it) was in some sort of zombie state at the time?

Neighbors, babysitters, handymen, even family members; your backyard, upstairs deck, even your own front door…

Statistics show the vast majority of burglaries and theft, especially identity theft, are perpetrated by a household acquaintance or family member. The US Department of Justice says that “Offenders were known to their victims in 65% of violent burglaries; offenders were strangers in 28%.” Similarly, any Google search yields countless articles listing front doors, backyards, and ground floor windows as the most common points of entry for burglars. 

With RSA Conference 2018 behind us, we asked Onliner Derek Nwamadi to share some of his observations from the conference floor. 

This year’s RSA Conference did not disappoint. Once again attendees were treated to a great line up of presentations, events, and an always impressive expo floor. Looking back at my week at RSA, one word kept coming to 

mind –