IT Security & Privacy

New Year, New Priorities: ICO Urges the UK to Tighten Up Data Privacy in 2025

Let’s face it—data privacy isn’t the most glamorous New Year’s resolution. It’s not going to help you fit into that old pair of jeans or finally get through “War and Peace.” But as the UK’s Information Commissioner’s Office (ICO) reminds us, tightening up your data security is the kind of life upgrade that could save you from stress, financial loss, and a few sleepless nights.

CISOs at a Crossroads: When Cybersecurity Leadership Means Balancing on a Knife’s Edge

For many Chief Information Security Officers (CISOs), the role was once about fortifying systems, dodging ransomware, and endlessly justifying cybersecurity budgets. But a new survey from BlackFog shows that the job now comes with a far weightier burden: the risk of personal liability.

Inside the Treasury Hack: Unpacking the Breach & What It Means for Risk & Cybersecurity Leaders

Imagine this: a critical government agency, armed with some of the most robust cyber defenses money can buy, finds itself outflanked—not through the front gates, but by a side door left ajar by a trusted partner. This isn’t the plot of a Hollywood thriller; it’s the reality facing the U.S. Treasury Department after Chinese state-sponsored hackers breached its defenses by exploiting a vulnerability in third-party software.

Volkswagen Data Breach Exposes Personal Details of 800,000 Drivers

a security oversight at Volkswagen’s subsidiary, Cariad, has exposed highly sensitive data on 800,000 Volkswagen owners across Europe. The breach isn’t just a numbers game; it’s a chilling look at how deeply our personal lives are intertwined with technology—and how vulnerable we’ve become to breaches of that intimacy.

FTC Issues Order Requiring Marriott & Starwood to Strengthen Data Security

The Federal Trade Commission (FTC) announced today that it has issued an order requiring Marriott International, Inc. and Starwood Hotels & Resorts Worldwide LLC, a subsidiary of Marriott, to implement more robust data security programs.

California Cranks Up CCPA Penalties for 2025: What Businesses Need to Know

Starting January 1, 2025, doing business in California gets a little pricier—at least for those caught slipping on privacy compliance. The California Privacy Protection Agency (CPPA) has announced higher fines and updated thresholds under the California Consumer Privacy Act (CCPA). These changes, tied to inflation and the Consumer Price Index (CPI), mark a biannual adjustment aimed at keeping penalties relevant and impactful in an evolving regulatory landscape.

KASPR Hit with €240,000 Fine for GDPR Violations

In a recent decision by the French data protection authority (CNIL), KASPR, a company known for its data scraping practices, has been fined €240,000 for violating the General Data Protection Regulation (GDPR). The fine comes after KASPR’s controversial method of collecting personal contact details from LinkedIn users, even those who had specifically chosen to limit their visibility.