Categories
Risk Management

GDPR Goes After Google — And Your App Could be Next

Reading Time: 3 minutes

GDPR fines were inevitable. Despite years of lead-up and months of warning before the legislation came into effect last May, many companies simply weren’t prepared for the complex (and evolving) nature of EU privacy expectations.

Categories
Risk Management

Data Breaches in 2019: Why the Hackers are Winning (And What You Can do About It)

Reading Time: 3 minutes

Hackers are winning. As noted by Information Age, data breach reports are up 75 percent over the last two years — while part of this increase is tied to emerging legislation and disclosure requirements, a quick look at tech headlines makes it clear that attackers are coming out ahead in the fight to keep corporate networks, applications and data secure.

Categories
Risk Management

Shift Left: The Case for “Time-Traveling” App Security

Reading Time: 3 minutes

Time is of the essence for application security — the sooner IT teams can detect potential attacks and the longer it takes cybercriminals to crack app code, the better your business outcomes. 

Categories
Risk Management

Hacked Hospitality: Marriott Data Breach Puts 500 Million Guests at Risk

Reading Time: 3 minutes

Hotel chain Marriott International isn’t having a good week: As reported by The New York Times, the company announced that its reservation database for Starwood-branded properties had been hacked. The numbers aren’t great, with initial data suggesting that 500 million guest records have been compromised across records dating back to 2014.

Categories
Risk Management

Artificial Intelligence, Real Threats: Can Attackers Flip the AI Script?

Reading Time: 4 minutes

There’s big money in artificial intelligence (AI) — reaching almost $12 billion over the next six years. As noted by research firmMcKinsey & Company, companies are now in the process of building out the technology foundation they need for AI deployment, with 45 percent of executives already worried about not investing enough in AI to keep up with the competition. It’s not a baseless fear: The McKinsey research also suggests that AI adoption is following a standard “S-Curve” model, which starts with slow adoption by a limited number of businesses followed by rapid mass adoption as market opportunities increase and then slows again as stragglers are left behind. 

Categories
Risk Management

Rogue Apps: Facilitating Theft from Developers and Consumers

Reading Time: 3 minutes

That was the title of yesterday’s congressional briefing organized by ACT | The App Association (in cooperation with the Congressional IP Caucus which is co-chaired by Rep. George Holding, Rep. Adam Smith, & Rep. Hakeem Jeffries).

Categories
Risk Management

No Second Chances: App Shielding and the Emerging Need for DevSecOps

Reading Time: 3 minutes

App development now happens at breakneck speeds as companies recognize the need for first-to-market applications that exceed consumer expectations for usability and performance. The root of this rapid release cycle? DevOps — the combination of development and operations teams to deliver best-in-class applications ASAP.

Categories
Risk Management

Create More Secure Applications – Don’t Hard Code Credentials; Instead, Use Application Hardening

Reading Time: 3 minutes

Credentials are a problem for your app. Why? Because they’re a critical access gateway: If attackers get their hands on working usernames and passwords they can cause havoc — everything from stealing user accounts to compromising high-level application functions.

Categories
Risk Management

Are You Following These Top 10 App Protection Practices?

Reading Time: 6 minutes

Despite the rising costs and impact of application compromise — recent data found that 58 digital records are stolen every second and breaches cost companies an average of $3.6 million — many best practices and procedures for securely designing, developing, testing and protecting applications are largely ad-hoc. As noted by Tech Republic, in fact, exactly ZERO percent of organizations say their security needs are fully met by their current infosec strategy, down from just 11 percent last year.

Categories
Risk Management

Latest NIST Publications Reinforce the Importance of Application Hardening in Securing Data

Reading Time: 3 minutes

Now is the time to seriously look at how you are protecting and securing your applications

The U.S. National Institute of Standards and Technology (NIST) has published two data-security focused documents in as many months.