Nicolas Reys of Control Risks spoke with SC Media about how companies can position themselves to rebound from a year complicated by the pandemic, climate change challenges and deteriorating U.S.-China relations.
If 2020 brought deadlines tied to various privacy and data protection policies, then 2021 means compliance – with less leniency for companies that fall short of regulations.
In a new report on governance, risk and compliance, Forrester advises top security officials that they have to prepare for more regulations around privacy and personal control over data, especially when it comes to handling medical data during the pandemic.
In a nutshell, the capability allows computers to perform operations on encrypted information without decrypting it first – meaning data science and machine learning are possible without actually seeing the data.
Some on social media speculated the resolution would be binding or that legislation was imminent. Neither are true. But it’s another signal that encryption isn’t settled policy in even the privacy-protective EU.
China announced a comprehensive global data security program Tuesday, proposing many of the same international norms agreed upon by Western nations already, while protecting China’s interest in balkanizing the internet. State Councilor and Foreign Minister Wang Yi proposed the “Global Data Security Initiative” in a statement translated here by the New America think tank. According…
Proponents of the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act (EARNIT) might tout its tough stance on online child sexual abuse material but privacy and digital rights advocates contend the bill, just passed by the Senate Judiciary Committee, will erode end-to-end encryption. EARN IT revokes Section 230 protection for internet intermediaries for what…
Zoom said Wednesday that it would extend end-to-end encryption to users of its free service. The popular conferencing platform had drawn criticism for its plans to provide E2EE only to its paid customers but after consulting with civil liberties groups, encryption experts, child safety advocates and others, released an updated and inclusive E2EE design on…
Beginning today, Let’s Encrypt is revoking more than 3 million of its Transport Layer Security (TLS) certificates, following the discovery of a bug that affects the way it rechecks CAA (Certificate Authority Authorization) records. “Most subscribers issue a certificate immediately after domain control validation, but we consider a validation good for 30 days,” explained Jacob Hoffman-Andrew,…
The security firm Keyfactor recently presented information proving that about 250,000 RSA keys are vulnerable to compromise. The report was based on the examination of 175 million RSA certificates and keys. Researchers mined active and publicly available RSA keys to identity any common factors. Keyfactor said Any keys sharing one of their prime factors with…
