Catch up on the past week's cybersecurity news. 

The Facebook data breach was everywhere this week, with headlines ranging from what it means in conjunction with GDPR to what a data breach really is. And with the clock still ticking down to the May 25 GDPR deadline, news stories centered around breach notifications and data portability.

  1. When does the clock start for GDPR data breach notification? Via TechTarget
    • As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before.  With the European Union's new General Data Protection Regulation set to begin enforcement on May 25, every company that collects data about EU data subjects -- citizens or residents of any of the 28 member nations of the European Union -- needs to be ready to report on breaches of that data within 72 hours of a data breach.
  2. What will GDPR data portability mean for enterprises? Via TechTarget
    • Data portability may be near the bottom of the list of key challenges with the European Union's new General Data Protection Regulation, but it is one more hoop that information security professionals will need to find a way to jump through. Data portability may seem simple to implement, but even the simplest aspect of GDPR can still produce surprising challenges.
  3. Securing the weakest link Via Security MEA
    • Email security is not just about securing your correspondence; it is about securing the most important conduit into your organization. It is also the number one attack vector for cybercrime with 9 out of 10 cyber-attacks starting from the inbox since it gives cyber criminals a low-risk, low-cost entry into a network, with maximum results. Challenged by varied cyber-attacks, organizations employ a number of defenses to safeguard themselves; however, a network is only as strong as its weakest link.
  4. GDPR And Facebook: We can fight back to control our data Via MediaPost
    • When you click "ok" to carry on with whatever it is you want to do, you're giving access not just to your profile and email address but also to your list of friends. Can anyone here see a GDPR bear trap opening right up for Facebook and these apps it allows to scour around gathering our personal information?
  5. It’ll cost billions for companies to comply with Europe’s new data law Via Bloomberg
    • Facebook Inc. may be subject to a British investigation that could lead to fines as high as £500,000. If the scandal had happened two months from now, it might have been covered by the GDPR law that allows penalties as high as 4 percent of a company’s global revenue, or in Facebook’s case, more than $1.5 billion.
  6. Facebook's fight against the phrase "data breach" Via CNBC
    • Amid the fallout over the revelation that a political consulting firm, Cambridge Analytica, obtained personal data from more than 50 million Facebook users without their permission, Facebook and some of its executives objected to the use of the phrase "data breach" to describe the controversy. 
  7. Cybersecurity in healthcare ails from lack of IT talent Via TechTarget
    • Cyberattacks on healthcare organizations have been increasing, reaching an average of 16 a year, up from 11 three years ago, according to "The State of Cybersecurity in Healthcare Organizations in 2018," conducted by Ponemon and commissioned by cybersecurity vendor Merlin International.
  8. The FBI is investigating a ransomware attack on the city of Atlanta Via CNN
    • Atlanta's mayor on Thursday urged anyone with personal information in city information systems to check their financial records as an investigation continues into a ransomware attack on the city. Mayor Keisha Lance Bottoms advised city employees to contact credit agencies and monitor their bank accounts in case their personal data was compromised.
  9. DPO-as-a-service options pop up as GDPR deadline looms Via Infosecurity Magazine
    • The 25 May deadline for compliance with the EU General Data Protection Regulation (GDPR) is looming large, and many businesses aren’t yet prepared. ThinkMarble has launched its Virtual Data Protection Officer (VDPO) service, allowing UK businesses to tap an outsourced team of cybersecurity and risk mitigation lawyers that can act as their DPO under the GDPR.
  10. 2017 was an excellent year for criminals executing phishing attacks Via The Merkle
    • Any report related to phishing attacks needs to be taken seriously these days. Even though people will dismiss phishing as something users bring upon themselves by not taking the necessary security precautions, criminals are also getting a lot craftier when it comes to tricking people into visiting fake websites. 
