Most cloud providers are only responsible for protecting the infrastructure that runs these services, while the customer is responsible for security inside the cloud, creating a shared responsibility of both the cloud provider and customer.
Following a cyber-attack in 2015 that caused a data breach from one of Carphone Warehouse's computers, the company has just been given a £400,000 fine, one of the highest fines for a data-breach in the UK to date.
Cyber-espionage group Turla is reported to be targetting embassies and consulates in the post-Soviet states using a new tool to dupe potential victims into installing malware to exfiltrate data.
Making use of ISO 27001 can assist an organisation to be GDPR compliant in several key areas and they can then use this certification to demonstrate a level of GDPR compliance.
A cloud-based data repository belonging to Alteryx, has publicly exposed datasets from the data analytics firm's partner Experian and the US Census Bureau containing sensitive personal information on 123 million Americans.
French Watchdog CNIL has ordered that Whatsapp stop sharing data with its parent company, Facebook, for business advertising and promotion.
A recent survey showed that surprisingly, a large percentage of retailers still have no data breach response plan in place.
PayPal Holdings on Friday acknowledged that a data breach at recently acquired payments processor TIO Networks compromised the personally identifiable information of roughly 1.6 million customers.
UK shipping giant Clarksons has beenhit by hackers who were successful in stealing sensitive and confidential data which may soon be leaked due to Clarksons' refusal to pay the ransom demanded by the hackers.
Three US Senators have introduced a bill that would require jail time for corporate executives who do not notify consumers of a breach within 30 days.
Supermarket chain Morrison's was found liable, in a first of its kind data leak class action suit, for the actions of a former employee who stole the data on thousands of his co-workers and posted it online.
More than half of all Uber riders and drivers in the UK were impacted by the ride-sharing company's data breach that was revealed last week.
If GDPR had been in effect during the latest Uber hack, the ride-sharing company would have faced stiffed consequences - or more promptly revealed the attack that compromised data of 57 million customers and drivers.
For more than a year, even as it negotiated with regulators in the US over privacy infractions, Uber hid a massive hack that resulted in cyber-thieves pilfering the personal information of 57 million customers and drivers.
As misconfigured Amazon servers continue to leak sensitive data Australian Broadcasting Corporation (ABC) is the latest culprit of administrators not properly securing their cloud servers.
As the GDPR clock ticks down to implementation, it is clear that this will not be a non-event like the Millennium Bug - it will happen and there will be dire consequences, potentially company-closures, in the event of non-compliance.
Pawnbroker chain Cash Converters is investigating a data security breach at its UK operations after receiving email threats of data release.
Enforcing authorisation directly at the data level can be incredibly powerful as it could mean minimal or no changes to the applications that are accessing the data itself says Jonas Iggbom.
Deloitte fell victim to a data breach that could have been prevented by having simple measures that are standard security protocols but businesses must not only focus on the basics, but also incorporate an innovative approach.
Seven in ten people in the UK are being put off recycling old and unused electrical products because of concerns about personal security data breaches.
Amazon is taking action to combat the recent wave of its Amazon S3 server being left misconfigured subsequently exposing potentially sensitive data.
Krack attackers need to be within range of the targeted Wi-Fi network, so widespread data loss is unlikely, but do add fixes when available as this vulnerability would allow anyone to read traffic from mobile and laptop to Wi-Fi devices.
Equifax was financially punished for the breach that allowed the personal data of 145.5 million of its customers to be compromised with revenue down 27 percent (£20 million) in the quarter and breach costs of £66.8 million.
The UEA has suffered another data breach; an email was sent to about 300 students in the social science faculty which included the personal health information of a member of staff, in a repeat use of a flaw not fixed previously.
Former Yahoo chief executive Marissa Mayer apologises for the two massive data breaches at Yahoo that occurred during her tenure and resulted in 3 billion credentials being stolen, blaming Russian agents for at least one of them.
Setting standard configurations based on industry best practices, and continuously monitoring for changes from that baseline enable quick identification of a misconfiguration that could be exploited and address it, before the breach.
The Queen's offshore accounts, Russian links to President Donald Trump's top administration officials among 13.4 million documents exposed in Paradise Papers. Legal and accounting firms can expect to be increasingly targeted.
Another misconfigured Amazon server has resulted in the exposure of personal data - this time on 50,000 Australian employees that were left unsecure by a third-party contractor.
Con Mallon advises, conduct a compromise assessment based on the assumption that you've already been compromised, then pick the right tools, processes, technology and intelligence to combat that threat.
Concerns around compromise increase among IT pros in the face of major breaches at even the most security aware organisations, highlighting muddled responses to softening perimeter.