Tag Archive for: company’s

How A Company’s Philosophy To ‘Shift Left’ Is Making Headway In The Data Privacy World.

/in


While data privacy continues to propagate daily headlines from breaches to new laws, many in the business world are wrestling with how to design a vigorous and thoughtful privacy program without bogging down the necessary speed of the software development life cycle.

Additionally, enterprises are learning firsthand the bottom-line value of maintaining and increasing overall customer trust and privacy is at the center of the conversation. According to a recent report from Forrester, post-pandemic, reduced tech dependency will combine with trust and privacy issues — including an inability to protect users from emerging risks and a lack of effective ethical measures in digital environments — to progressively erode consumers’ trust. We predict that by the end of 2023, consumers’ trust in tech companies will shrink 15%.

I recently had a chance to sit down with data privacy expert and TerraTrue co-founder and CEO, Jad Boutros, to discuss why he started the company, the changing privacy landscape, and where it’s headed next.

Gary Drenik: Tell me about your background and what motivated you to start TerraTrue.

Jad Boutros: I am a computer engineer by profession and entered the application security domain early in my career. I joined Google in 2004 as one of the first ten security engineers and had the rare opportunity to co-found, lead, and grow the Information Security Team. At Google, I gained a tremendous appreciation for the security field, and in particular, how hard it is to protect web and mobile applications from an ever-growing list of security threats. Developers and security teams need to work together inseparably to accomplish this feat, and towards that goal, I helped implement a world-class security review process and conducted security reviews across Google’s myriad products.

In 2014, when Snap (formerly Snapchat) had a security issue that became very public, they recognized the need to start a security team and reached out to me. I was immediately intrigued by the challenges they were facing, including a Federal Trade Commission consent decree for privacy, and decided to leave Google and join as their first security hire….

Source…

Implementing Cyber Security Protocols: Do Not be your Company’s Weakest Security Link

/in


Hacks often happen from end-users in your company being careless. However, the consequences can be for their company can be detrimental.

A series of large-scale ransomware incursions have prompted the U.S. to ramp up its cybersecurity measures. The Biden administration has also contacted dozens of countries to partner with American intelligence agencies to prevent evasive cybercriminals from acting around the globe.

Security is a weakest-link kind of game.

Defenders must defend all items in the physical realm and the cyber world. If you miss one item like the creation of an easy password to guess, an employee clicks on a phishing email, or you forget to update one application, an intruder can enter to attack your data storage.

To help you not become the weakest link, we will discuss the dark web of cybercrime and the behavioral component of security tasks. There are systematic ways you may avoid data breaches. However, many companies must also focus on how they can fortify their human-run systems from within.

Security violations to computer networks are a prominent threat. However, we often see frequent reports of companies and institutions experiencing severe data leaks. Twitch’s live-video site is one example of content creators’ earnings, among posting other details online.

Here we will observe the issues in cyber security and describe the best practices to avoid being your company’s weakest security link.

Why are Companies Getting Caught Flat-footed?

In some cases, the weakest link in your company is a lack of awareness. Therefore it is essential to make these individuals aware of some of the threats that companies might face. The people running these sites, especially those less technologically savvy, are unaware of the dangers, or all the things necessary to be secure are a secondary priority.

It’s not what the teams are building. It is about providing a well-trained security staff that knows what to look for and has the authority to…

Source…

LastPass Security Breach – Hackers Steal Company’s Source Code

/in


World-leading password manager, LastPass, is the latest victim of a security breach. In an advisory, the company confirmed the stealing of its internal source code and technical documents. LastPass is owned by GoTo and boasts over 25 million users and serves around 80,000 businesses worldwide.

Incident Details

On 25 August 2022, LastPass’s CEO Karim Toubba confirmed that an unauthorized party stole some portions of its internal source code and proprietary technical information. The company revealed that an attacker broke into one of its developers’ accounts and gained access to proprietary data.

The company stressed on the breach occurred through a “single compromised developer account. It noted that all of its products and services are “operating normally,” and that the situation is under control. The breach took place around two weeks back.

How the Breach was Detected?

The break-in was detected after unusual activity was noticed in the LastPass computer network’s development area. The security breach was promptly contained and the company took necessary steps to prevent another intrusion from happening. 

According to LastPass’ blog post, the company also outsourced infosec experts to investigate the incident. An investigation was launched and it was later confirmed that the cybercrook couldn’t access customer data. Per LastPass CEO, the company will ramp up its network defenses.  

What About User Passwords?

For your information, LastPass provides a software vault where usernames and passwords are stored in pairs to allow users to log in to websites. This makes it tougher to crack passwords.

LastPass Security Breach - Hackers Steal Company's Source Code

After the breach, a lot of speculations emerged about the safety of passwords. The company addressed these concerns by explaining that master passwords are safe and weren’t compromised or accessed by the hacker. LastPass also added that vault contents also remained untouched.

LastPass noted that it doesn’t keep a copy of users’ master passwords as that’s for the user to memorize and protect. The Massachusetts-based company insisted that encrypted user passwords are safe due to the zero-knowledge architecture it has…

Source…

Central Pattana Public : Notification of the changes of the Company’s Directors, Members of Audit and Corporate Governance Committee and Members of Sub-committees

/in








Lead Independent Director and Chairman of the Risk Policy Committee

Chairman of Audit and Corporate Governance Committee Chairman of the Nomination and Remuneration Committee Member of Audit and Corporate Governance Committee and Member of the Nomination and Remuneration Committee

(Translation)

9 August 2022

Notification of the changes of the Company’s Directors, Members of Audit and Corporate

Governance Committee and Members of Sub-committees

No. 51/2022/035

To

President

The Stock Exchange of Thailand

Enclosure List of Members of the Board of Directors and Form to Report on Names of Members and Scope of Work of the Audit Committee (F24-1)

Central Pattana Public Company Limited ( “the Company“) hereby informs that, on 9 August 2022, its Board of Directors Meeting No.6/2022 has passed significant resolutions as follows:

  1. Acknowledged the resignation from the directorship of Mr. Karun Kittisataporn and Mr. Paitoon Taveebhol. Such directors will perform their duties till end of 31 August 2022.
  2. Appointed Mrs. Parnsiree Amatayakul and Mr. Winid Silamongkol to be directors replacing Mr. Karun Kittisataporn and Mr. Paitoon Taveebhol respectively.
  3. Appointed the following persons to take positions in sub-committees to fulfill the

vacated position.

1) Mr. Veravat Chutichetpong

2)…

Source…