The genealogy site MyHeritage said Monday that it suffered a breach last year that exposed 92 million of its users emails and hashed passwords.

Learn how to develop a data loss prevention strategy - including best practices and policies - in this week's Data Protection 101, our series on the fundamentals of information security.

18 infosec pros share the top considerations for CISOs when consolidating information security solutions.

What's the difference between a data controller and a data processor? What are their responsibilities under GDPR? Learn more in Data Protection 101, our series on the fundamentals of information security.

A jury ruled that Emerson Electric stole proprietary data center designs from BladeRoom, putting a close to a long running trade secrets lawsuit. The ruling comes a month after Facebook settled with the British manufacturing firm over similar charges.

Learn about Control Objectives for Information and Related Technologies, or COBIT, the goals of the framework, the benefits, how it can help companies meet compliance, and more in Data Protection 101, our series on the fundamentals of information security.

A set of vulnerabilities dubbed "EFAIL" affect encryption standards like PGP and S/MIME and could reveal the plaintext of encrypted emails sent in the past.

A significant portion of an infosec pro's workweek is devoted to keeping up with all things cyber, from new threats to new tools. Following influencers on their blogs, social media, and other online presences helps us stay up-to-date with the latest in infosecurity.

Learn about how User and Entity Behavior Analysis, or UEBA, works and how it leverages machine learning to help mitigate insider threats, password attacks, and more in Data Protection 101, our series on the fundamentals of information security.

Digital Guardian is excited to partner with Microsoft to offer an integrated data protection solution.

Learn about what an insider threat analyst does, along with how they affect existing procedures, policies, and protection layers in organizations in Data Protection 101, our series on the fundamentals of information security.

According to a recent survey 40 percent of companies said they won't be compliant with the General Data Protection Regulation (GDPR) when it goes into effect next month.

The National Institute of Standards and Technology (NIST) released a new version of its popular Cybersecurity Framework last week.

Learn about what ICS security is, challenges, best practices, and more in Data Protection 101, our series on the fundamentals of information security.

LocalBlox, a data firm that bills itself as "a powerful, scalable and distributed data acquisition platform" is the latest company to mistakenly leave data out in the open on a publicly accessible Amazon Web Services (AWS) S3 bucket. The company, based in Bellevue, Wash. left a slew of data online; 48 million records containing information on tens of millions of individuals including names, addresses, and dates of birth. The dataset also included data apparently scraped from Twitter handles, along with LinkedIn and Facebook profiles. Data from Zillow, a popular real estate site, has also been scraped and composited into the dataset. The company was notified of the unsecured bucket by researchers with UpGuard, a Mountain View firm that's had a knack for uncovering data sets like this as of late. The firm notified LocalBlox on February 28 and the bucket was secured later that day, UpGuard said Wednesday. The bucket contained a single 151.3 GB compressed file that decompressed to a 1.2 terabyte Newline Delimited JSON file. According to researchers, who combed through the dataset when they first came across it in a subdomain, “lbdumps,” on February 8, each record is in JSON format.

The law closes a loophole that could allow sensitive health data to be shared with the primary subscriber of a health plan.

23 cybersecurity pros discuss the best ways to avoid cyber alert fatigue.

We agree with Avivah's original assessment: TRADITIONAL Data Loss Prevention is dying.

Learn about what SCADA security is, examples of threats and vulnerabilities, and more in Data Protection 101, our series on the fundamentals of information security.