Published: December 2, 2022
By Annie articles
Meta hit with ~$275M GDPR penalty for Facebook data-scraping breach
Tech Crunch: Meta has been slapped with another GDPR fine in the EU. The $275 million penalty was due to the company exposing over 530 million Facebook users’ personal data online. While Meta tried to downplay the breach when it was initially exposed, the Data Protection Commission (DPC) published its findings of violations based on their data protection by design and default articles. So far, Meta has racked up nearly $1B in fines since 2021.
CISA’s Strategic Plan is Ushering in a New Cybersecurity Era
Dark Reading: The Cybersecurity and Infrastructure Security Agency (CISA) has provided new guidance and is moving away from traditional approaches that no longer keep entities safe. The federal agency released its strategic plan and recognizes that zero trust is the wave of the future. But for the plan to be successful, there needs to be a commitment of funding, resources and personnel. Without this, there is little confidence that their objectives and intent will become actualized.
The Week: Mixed messages from Elon Musk. While he declared that removing child exploitation is priority #1, at least half of this team have been let go. Currently there is a bare bones team of about 10 employees in the US, Ireland and Singapore and they are responsible for a large range of tasks to stop child sexual exploitation on the site. Twitter has taken steps in removing hashtags associated with child exploitation but this and having a skeleton team will not be enough to protect children around the world. It’s yet another security risk emerging as Musk has deprioritized privacy and security during his takeover of the company.
According to McKinsey and Co, “[a]t the current rate of growth, damage from cyberattacks will amount to about $10.5 trillion annually by 2025—a 300 percent increase from 2015 levels.” (source)
A total of 108.9 million accounts were breached in the third quarter of 2022, a 70% increase compared to the previous quarter (source)
Charlies is a 14 year cyber security expert. He started his career in the U.S. armed forces and then transitioned into commercial roles. A security engineer by training, he's well-versed in tool deployment and administration.
Ellen bring a decade of GRC expertise to the TalPoint community. She's knowledgeable on a variety of frameworks and employs a methodical approach to compliance. She's available for needs assessments, gap assessments, internal audits, and for certain frameworks running independent 3rd party audits.
Zachary bring a 20+ year career in risk management to the TalPoint community. He's worked across healthcare, finance, and supply chain manufacturing. His broad experience offers both a holistic view of risk as well as a common sense approach to risk management.