DIRS.INFO The most relevant business & tech news

Todd McKinnon, co-founder and CEO of Okta, shares lessons learned from the security breach that his organization experienced in early 2022. Okta is delaying product updates and internal projects by 90 days as it works to shore up its security architecture. “The stakes are high and we will do whatever it takes to protect our current and future customers,” Chief Executive Todd McKinnon said in an earnings call Wednesday evening. “Bolstering our security environment is by far the highest priority for Okta. No other project or product-development area is more important,” he said.

Persons: Todd McKinnon, Okta, ” Organizations: ”

☆ Budget Cuts, Layoffs Add to Pressure on Cyber Teams
▼ + stars: | 2023-11-01 | by ( Catherine Stupp | ) www.wsj.com time to read: 1 min

This copy is for your personal, non-commercial use only. Distribution and use of this material are governed by our Subscriber Agreement and by copyright law. For non-personal use or to order multiple copies, please contact Dow Jones Reprints at 1-800-843-0008 or visit www.djreprints.com. https://www.wsj.com/articles/budget-cuts-layoffs-add-to-pressure-on-cyber-teams-adbf6f85

Persons: Dow Jones

☆ Dutch Consumer Group Sues Amazon Over Data Tracking
▼ + stars: | 2023-10-20 | by ( Catherine Stupp | ) www.wsj.com time to read: 1 min

The class-action lawsuit represents around five million Amazon account holders residing in the Netherlands, SDBN said. Photo: PASCAL ROSSIGNOL/REUTERSA consumer-rights group in the Netherlands sued Amazon on Wednesday over its alleged practice of tracking website visitors’ online activity, using recently expanded legal provisions allowing class actions. The lawsuit, filed in a Dutch court by Stichting Data Bescherming Nederland, or SDBN, said Amazon is violating the European Union’s privacy law by monitoring visitors to popular websites through cookies—the pieces of code that identify individual browsers to create targeted advertisements—without their permission.

Persons: SDBN, PASCAL ROSSIGNOL Organizations: REUTERS, Amazon, Stichting Data Bescherming Locations: Netherlands

☆ Catherine Stupp — Reporter, WSJ Pro at The Wall Street Journal
▼ + stars: | 2023-10-11 | by ( Catherine Stupp | ) www.wsj.com time to read: 1 min

Catherine StuppCatherine Stupp covers cybersecurity and privacy for The Wall Street Journal. She writes frequently about hacking, data breaches, cybercrime, and regulations and policies in Europe. She joined the Journal in 2018 in New York and moved to Brussels in 2019. She previously covered European politics and technology policy in Brussels. She is a proud native of Queens, New York.

Persons: Catherine Stupp Catherine Stupp Organizations: Wall Street Locations: Brussels, Europe, New York, Queens , New York

☆ AI Isn’t Just About Risk, Says Splunk’s Cyber Chief
▼ + stars: | 2023-10-11 | by ( Catherine Stupp | ) www.wsj.com time to read: 1 min

This copy is for your personal, non-commercial use only. Distribution and use of this material are governed by our Subscriber Agreement and by copyright law. For non-personal use or to order multiple copies, please contact Dow Jones Reprints at 1-800-843-0008 or visit www.djreprints.com. https://www.wsj.com/articles/ai-isnt-just-about-risk-says-splunks-cyber-chief-4cc371a6

Persons: Dow Jones, 4cc371a6

☆ California Opens Privacy Probe Into Who Controls, Shares the Data Your Car Is Collecting
▼ + stars: | 2023-07-31 | by ( Byron Tau | Catherine Stupp | ) www.wsj.com time to read: 1 min

This copy is for your personal, non-commercial use only. Distribution and use of this material are governed by our Subscriber Agreement and by copyright law. For non-personal use or to order multiple copies, please contact Dow Jones Reprints at 1-800-843-0008 or visit www.djreprints.com. https://www.wsj.com/articles/california-privacy-agency-opens-probe-into-private-data-collected-by-cars-d17ec917

Persons: Dow Jones Locations: california

☆ Victims of Cyberattack on File-Transfer Tool Pile Up
▼ + stars: | 2023-07-19 | by ( Catherine Stupp | ) www.wsj.com time to read: +6 min

The list of companies hit by a cyberattack on a widely used software tool continues to expand and several victims have filed lawsuits alleging mishandling of data. The continued disclosure of new victims affected by hackers exploiting a vulnerability in MoveIt, a common file-transfer tool from Progress Software, underscores how cyberattacks can ripple through supply chains. Some companies have been drawn into data breaches without having used MoveIt because their business partners use it. The Cl0p ransomware group has taken responsibility for the cyberattacks and posted data from some victims on its underground website. A 2021 cyberattack on a tool similar to MoveIt—Accellion’s File Transfer Appliance—had similar ripple effects.

Persons: ”, Brett Callow, cyberattacks, Callow, Genworth, PBI, “, Shell, Rob Carr, Suzie Squier, Johns, Johns Hopkins, Emsisoft’s Callow, Catherine Stupp Organizations: Progress Software, . Progress, Progress, Shell, BBC, Energy Department, Genworth Financial, Social, PBI Research Services, U.S . Department of Health, Human Services, Colorado State University, BG Group, Johns Hopkins University, Getty Locations: British, MoveIt, Kaseya, Johns Hopkins

☆ EV Charging Networks Prepare for Cyberattacks
▼ + stars: | 2023-07-14 | by ( Catherine Stupp | ) www.wsj.com time to read: +6 min

Efforts to address the security of EV charging stations are in early stages. A U.S. infrastructure law passed in 2021 includes $7.5 billion in funding for states to expand EV charging stations. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. Tesla is poised to dominate EV charging in the U.S., and auto manufacturers including General Motors, Ford, Volvo and Rivian signed on to adopt Tesla’s charging standard this year. Last year, the city of Amsterdam for the first time included cybersecurity requirements in a public tender for public EV charging stations.

Persons: ”, van, Biden, cybersecurity, Tomas Bodeklint, Anjos Nijk, ” Nijk, Jay Johnson, ” Johnson, Tesla, Rivian, Teza Mukkavilli, Mukkavilli, BING GUAN, REUTERS ChargePoint, van den, Jaap de Munnik, de Munnik, Catherine Stupp Organizations: European, Research Institutes of Sweden, EV, European Network, Cyber Security, Sandia National Laboratories, “, Nationwide, Sandia, General Motors, Ford, Volvo, Benz Group, N.M, REUTERS, Enza Locations: Europe, U.S, Netherlands, European Union, South Dakota, York, North America, Corona, ElaadNL, Amsterdam, Dutch

☆ Mattel Experiments With ChatGPT in Cybersecurity
▼ + stars: | 2023-06-08 | by ( Catherine Stupp | ) www.wsj.com time to read: +3 min

Toy maker Mattel is experimenting with generative-artificial-intelligence tools including ChatGPT to help its cybersecurity teams, but the company’s head of cybersecurity said the risk of inaccurate results from the new technology is too great to deploy it broadly. But many results from queries to the AI tools are incorrect, even if they appear convincing, he said. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. All Mattel employees using ChatGPT are receiving training on how to use generative AI tools securely, he said. German e-commerce giant Zalando plans to offer a shopping assistant using ChatGPT.

Persons: cybersecurity, Tom Le, ” Le, OpenAI, Mattel’s Le, Ilia Kolochenko, ”, Goldman Sachs, Le, Catherine Stupp Organizations: Mattel, Training, Employees, JPMorgan, Verizon, Commonwealth Bank of Australia

☆ Breach of Mental-Health Records Challenges Nation’s Court System
▼ + stars: | 2023-05-11 | by ( Catherine Stupp | ) www.wsj.com time to read: +4 min

Hackers posted naked photos of cancer patients online after a February cyberattack on Allentown, Pa.-based Lehigh Valley Health Network. Fifteen prosecutors will go through technical evidence and statements from around 24,000 patients whose data was exposed and some of which was published online, Finnish officials said. Prosecutors will spend an estimated 10 minutes reviewing each report to decide whether to use it in court, Mr. Vainio said. The logistics of a trial will be challenging because Finnish law requires courts to accommodate all victims who want to be present, Mr. Vainio said. Money, however, won’t address all the harms to victims, Mr. Vainio said.

☆ Broad Pay Ranges Can Hamper Cybersecurity Hiring
▼ + stars: | 2023-04-04 | by ( Kim S. Nash | Catherine Stupp | ) www.wsj.com time to read: +3 min

Companies that list wide pay ranges in cybersecurity job descriptions risk setting false expectations and kindling unrest among existing staff. Seven other states have required pay transparency for the past few years. In cyber recruiting, in particular, broad scales can hamper hiring, said Joyce von Seldeneck, founder and chair of Philadelphia-based Diversified Search Group. The last thing a company wants is to go bring candidates through an entire process and disappoint them at the end.”Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. While some management consultants say pay transparency can light a fire under employees to work harder for higher compensation, Matthias Muhlert, chief information security officer at gummy-bear maker Haribo GmbH & Co., isn’t so sure.

☆ Cybersecurity Workers Demand Higher Salaries
▼ + stars: | 2023-03-28 | by ( Catherine Stupp | ) www.wsj.com time to read: +6 min

Cybersecurity chiefs are struggling to find employees they can afford, as sought-after job seekers ask for higher salaries. Challenging economic conditions have added a new layer of difficulty for companies around the world that have grappled with a growing shortage of cybersecurity workers. Multinationals including McDonald’s Corp. are seeking more cybersecurity job applicants, including people from nontraditional backgrounds, by removing cyber certifications and degree requirements from many job listings. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. In Europe, with companies competing for a small pool of cybersecurity workers, job seekers are looking for flexible work conditions in addition to higher salaries.

☆ Courts Side With Big Companies Including Amazon and Experian in Privacy Appeals
▼ + stars: | 2023-03-16 | by ( Catherine Stupp | ) www.wsj.com time to read: +5 min

Big companies are winning appeals to overturn regulatory decisions that allege they violated European privacy rules, potentially carving out a path for more businesses to challenge similar sanctions. Courts in the U.K., Spain, Italy and Germany sided with companies including Experian PLC, Amazon. The court rejected the regulator’s argument that collecting personal data to create profiles for marketing purposes intrudes on privacy rights. The court said the regulator had “fundamentally misunderstood” the implications of how Experian used data, and that there were no negative effects for individuals. These recent wins will likely embolden other companies to appeal GDPR violations, said Mr. Machin of Ropes & Gray.

☆ Tesla to Change Camera Settings in Europe Over Privacy Fears
▼ + stars: | 2023-02-22 | by ( Catherine Stupp | ) www.wsj.com time to read: +3 min

Tesla Inc. agreed to change camera settings in its cars after complaints from European consumers and an investigation by the Dutch privacy regulator. The last 10 minutes of recorded footage will be saved under the new settings, instead of the hour of footage that was previously stored. The previous camera settings allowed serious privacy violations, the regulator said. PREVIEWWith the new software update, the headlights of Tesla cars will blink if the cameras are recording, and a message will be displayed on an internal touch screen, the Dutch regulator said. The regulator said it planned to investigate how data is transferred out of Tesla cars.

☆ Privacy Regulators Step Up Oversight of AI Use in Europe
▼ + stars: | 2023-02-16 | by ( Catherine Stupp | ) www.wsj.com time to read: +6 min

European privacy regulators are intensifying their scrutiny of companies’ use of artificial intelligence, hiring experts and opening new units to crack down on data violations. “AI is appearing in all sectors,” said Kari Laumann, head of a division for research, analysis and policy at Norway’s data protection authority. The regulator’s office has worked with 64 companies to test AI initiatives under its supervision, in a program started in 2020. Regulators have fined companies for privacy failings in their AI applications in recent years, but European data protection officials and privacy analysts say it is still unclear how to apply some aspects of European privacy law to the technology. Mr. Jairaj said he expects the EU’s coming legislation to force companies to look closely at third-party suppliers of AI products.

☆ Cyber Chiefs Face Scrutiny and Challenges in 2023’s Uncertain Economy
▼ + stars: | 2023-01-04 | by ( James Rundle | Catherine Stupp | ) www.wsj.com time to read: +5 min

That leaves security teams, in real terms, working with fewer resources, Ms. Huth said. Inflation is pushing wage demands higher and the scarcity of cyber professionals—particularly within highly technical industries such as power—means security staff are in demand, Mr. Bojar said. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. Cyber staffs will need to vet third-party services while installing safeguards against new avenues hackers could exploit, Kohler’s Ms. Huth said. Retail giant Amazon.com Inc. hopes to grow its security team, said Chief Security Officer Stephen Schmidt, despite a company-wide hiring freeze and layoffs for up to 10,000 workers elsewhere in the company.

☆ U.K. Government Seeks Further Easing of Data Protection Rules
▼ + stars: | 2022-11-17 | by ( Catherine Stupp | ) www.wsj.com time to read: +3 min

If U.K. data protection law strays too far from the European Union’s General Data Protection Regulation, however, an existing legal deal known as an adequacy agreement between the two jurisdictions could be jeopardized, privacy experts say. Relaxing some data rules could save the U.K. an estimated £12 billion, equivalent to $14 billion, each year, Mr. Rowland said. The U.K. has had two changes of government since data laws were proposed this summer. The EU officials who oversee the arrangement have said they could suspend the system if British data protection laws change too dramatically. The draft data protection legislation would loosen some aspects of the GDPR such as requirements for companies to obtain permission from individuals for their data to be tracked online.

☆ Red Cross Wants Digital Symbols to Deter Hackers From Healthcare Institutions
▼ + stars: | 2022-11-04 | by ( Catherine Stupp | ) www.wsj.com time to read: +3 min

The International Committee of the Red Cross proposed creating a digital equivalent to its distinctive red symbol to warn off hackers who attempt to break into medical institutions’ networks. Such a digital emblem would deter some but not all hackers, Red Cross advisers say, at a time when hospitals are frequently hit with cyberattacks. The Red Cross and its cyber advisers worked for more than two years on the project. Whatever option governments choose would need to be simple to install, said Matthew Smith, a professor of computer science at the University of Bonn in Germany, speaking at the Red Cross event. “As easy as placing a red cross on a building,” he said.

☆ Corporate Cybersecurity Teams Struggle to Fill Jobs
▼ + stars: | 2022-10-20 | by ( Catherine Stupp | ) www.wsj.com time to read: +5 min

Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. PREVIEWSeventy percent of around 11,000 cybersecurity practitioners and decision makers surveyed by (ISC)2 said their companies don’t have enough cybersecurity staff to be effective. Decathlon has become more flexible and creative in its search for cybersecurity staff and hired 26 employees last year and more than 30 so far in 2022, Mr. Illikoud said. Many corporate cybersecurity leaders hire staff from other internal teams and offer specific training if they need it. Around 43% of Principal’s cybersecurity team is now remote, up from roughly 20% before the pandemic, she said.

☆ Cyberattack on InterContinental Hotels Disrupts Business at Franchisees
▼ + stars: | 2022-09-26 | by ( Catherine Stupp | ) www.wsj.com time to read: +4 min

A cyberattack on InterContinental Hotels Group PLC disrupted business at franchisees this month, leaving a trail of angry customers, lost income and a class-action lawsuit. Hotel owners complain they received one email from IHG executives explaining that the attack would shut down online reservation systems. We remain focused on supporting our hotels and owners and throughout this period have communicated regular updates to owners and hotel teams,” an IHG Hotels & Resorts spokesperson said. Hotel owners said they dealt with angry customers whose reservations were lost due to the cyberattack. IHG franchisees pay monthly fees to use the company’s reservation technology, the lawsuit says.

☆ Companies Should Treat Cyber Threats as Core Business Risk, U.S. Cyber Official Says
▼ + stars: | 2022-09-20 | by ( Catherine Stupp | ) www.wsj.com time to read: +2 min

Corporate boards need to propel companies’ investment in cyber defenses and push management to treat hacking threats as a core business risk, according to a top official of the U.S. Cybersecurity and Infrastructure Security Agency. As boards learn to assess those defensive measures, cybersecurity will become more ingrained in American corporations, Mr. Wales said. Newsletter Sign-up WSJ Pro Cybersecurity Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors. PREVIEWRecently, the U.S. Securities and Exchange Commission proposed that companies be required to disclose detail on board members’ cyber expertise and how often the board addresses cybersecurity. CIOs should address third-party risks when discussing cybersecurity with boards, Mr. Wales said.

Search resuls for: "Catherine Stupp"

21 mentions found