18 infosec pros share the top considerations for CISOs when consolidating information security solutions.

What's the difference between a data controller and a data processor? What are their responsibilities under GDPR? Learn more in Data Protection 101, our series on the fundamentals of information security.

A jury ruled that Emerson Electric stole proprietary data center designs from BladeRoom, putting a close to a long running trade secrets lawsuit. The ruling comes a month after Facebook settled with the British manufacturing firm over similar charges.

Learn about Control Objectives for Information and Related Technologies, or COBIT, the goals of the framework, the benefits, how it can help companies meet compliance, and more in Data Protection 101, our series on the fundamentals of information security.

A set of vulnerabilities dubbed "EFAIL" affect encryption standards like PGP and S/MIME and could reveal the plaintext of encrypted emails sent in the past.

A significant portion of an infosec pro's workweek is devoted to keeping up with all things cyber, from new threats to new tools. Following influencers on their blogs, social media, and other online presences helps us stay up-to-date with the latest in infosecurity.

Learn about what an insider threat analyst does, along with how they affect existing procedures, policies, and protection layers in organizations in Data Protection 101, our series on the fundamentals of information security.

Learn about what ICS security is, challenges, best practices, and more in Data Protection 101, our series on the fundamentals of information security.

LocalBlox, a data firm that bills itself as "a powerful, scalable and distributed data acquisition platform" is the latest company to mistakenly leave data out in the open on a publicly accessible Amazon Web Services (AWS) S3 bucket. The company, based in Bellevue, Wash. left a slew of data online; 48 million records containing information on tens of millions of individuals including names, addresses, and dates of birth. The dataset also included data apparently scraped from Twitter handles, along with LinkedIn and Facebook profiles. Data from Zillow, a popular real estate site, has also been scraped and composited into the dataset. The company was notified of the unsecured bucket by researchers with UpGuard, a Mountain View firm that's had a knack for uncovering data sets like this as of late. The firm notified LocalBlox on February 28 and the bucket was secured later that day, UpGuard said Wednesday. The bucket contained a single 151.3 GB compressed file that decompressed to a 1.2 terabyte Newline Delimited JSON file. According to researchers, who combed through the dataset when they first came across it in a subdomain, “lbdumps,” on February 8, each record is in JSON format.

The law closes a loophole that could allow sensitive health data to be shared with the primary subscriber of a health plan.

23 cybersecurity pros discuss the best ways to avoid cyber alert fatigue.

Learn about what SCADA security is, examples of threats and vulnerabilities, and more in Data Protection 101, our series on the fundamentals of information security.

Tim Bandos describes how to leverage Shimcache, to conduct enterprise scale threat hunting.

The warnings, scheduled to roll out to users on Monday, come just days after Facebook suspended two other data analytics companies over similar data misuse allegations.

Learn about what a data repository is, the best practices for working with them, and more in Data Protection 101, our series on the fundamentals of information security.

A security researcher notified the restaurant last August it was leaking customers' data on its website in plain text.

Learn about what a cyber threat hunter does in Data Protection 101, our series on the fundamentals of information security.