Blog

Our top industry experts weigh in on topics that could affect you and your organization

  • Q and A with GDPR Expert: What you need to know about Privacy and Security for IoT Devices

    Posted on July 13, 2018 by Sally Guenette

    This blog post lists the questions raised on TUV Rheinland OpenSky’s recent webinar: Approaches to Privacy and Security for IoT Devices in a GDPR World. For a recording of the webinar, please click here.
    Questions and Answers
    Question 1: Is GDPR targeting small to medium-sized companies? Learn More

  • Ever-Increasing Cybersecurity Threats: Do you have the right DR strategy in place?

    Posted on June 19, 2018 by Gregory Cote

    Cyber threats keep executives up at night because cyber-criminals are well funded and highly motivated to acquire, or hold for ransom, valuable corporate data. In other cases, destructive malware (for example NotPetya), cause havoc and platform destruction just like a wildfire. These threats and resulting attacks can severely affect your organization financially and reputationally. By some estimates, 70 percent of companies go out of business after a major data loss. Learn More

  • Maintaining Consumer Privacy in an Era of Privacy Lost

    Posted on October 18, 2017 by TUV OpenSky Consumer Identity Center of Excellence

    The massive Equifax loss of 143 million non-consenting individual’s information in the US, Canada and UK presents more challenges for customer protection. Detailed financial data and private identifiers were included in the incident stemming from fundamental patch management latency. This consumer information loss aggravates an already challenged digital society seeking mobility-based services. Digital enterprises strive to provide those services across channels including social, mobile, email and web. Learn More

  • GDPR What to Expect in the Coming Months

    Posted on October 13, 2017 by John Gilda

    The General Data Protection Regulation (GDPR) is a new European data privacy regulation that will be fully enforced from on May 25th, 2018, after being ratified in April 2016. The time period between the two dates was designed to be the grace period for companies to use to be fully compliant by the due date.

    GDPR is also designed to be a privacy regulation that has more consideration for the data subject (you and me) rather than the business. Learn More

  • Phishing your way Past Multi-Factor Authentication

    Posted on July 24, 2017 by Charles Worrell

    Let’s say an attacker gains access to a valid set of employee credentials. If you don’t have multi-factor authentication (MFA) in place, the attacker has hit the jackpot. They can quickly authenticate against any publicly available asset that accepts the compromised username and password.

    But what if you do have MFA in place? You have a federated single-sign-on portal as the gatekeeper to your sensitive public assets, and it’s protected with MFA. Learn More

  • The Trouble with Meeting Compliance

    Posted on June 22, 2017 by Anthony Dickenson

    Meeting compliance is vital for organizations across all industries — but it’s a mistake to think that compliance equals security for your network and your data. While regulations are improving all the time, IT managers and the C-suite too often believe that checking all the boxes required by regulators will ensure their organization will pass an audit or be 100% protected from a breach.

    We can see the shortcomings of compliance mandates as it relates to security in highly regulated industries like healthcare. Learn More