Microsoft Appoints New Deputy CISO for Europe to Tackle Stricter Cybersecurity Regulations

2025-05-03

Microsoft has appointed a new Deputy Chief Information Security Officer (CISO) for Europe, responsible for ensuring compliance with the EU's increasingly stringent cybersecurity regulations, such as the Digital Operational Resilience Act (DORA), the NIS2 Directive, and the Cyber Resilience Act (CRA). This role is crucial for Microsoft's compliance in Europe and its global cybersecurity strategy, highlighting the company's focus on European data security and cyber resilience. While Microsoft hasn't revealed further details, the move shows the company is proactively addressing the evolving global cybersecurity landscape.

Google Analytics Security Risks: A CISO's Headache

2025-04-26

CISOs need to carefully assess the risks associated with sharing data with third parties, particularly when using Google Analytics. The article highlights that Google Analytics can inadvertently collect sensitive data, such as personally identifiable information (PII) embedded in URLs (names, emails, birthdates, etc.) or form field values. To prevent this, CISOs must ensure that when configuring Google Analytics, all query parameters, form inputs, and dynamic page elements that could contain sensitive data are filtered out. Otherwise, this data could be tracked and collected by Google Analytics, posing significant security risks.

CVE Numbering System on the Brink of Collapse: DHS Ends MITRE Contract

2025-04-16

The US Department of Homeland Security (DHS) has ended its 25-year contract with MITRE, leaving the CVE vulnerability numbering system on the brink of collapse. This will result in a massive backlog at the National Vulnerability Database (NVD), with over 30,000 vulnerabilities already awaiting processing and a further 80,000+ 'deferred' (meaning they won't be fully analyzed). This move will severely impact global vulnerability management, causing significant challenges for organizations relying on CVE/NVD information. National vulnerability databases, such as those in China and Russia, will also be affected. The reason for the contract termination remains unclear, but is likely linked to the Trump administration's cost-cutting measures.
