Published: April 14, 2023

Security 3-2-1 Week of 4/14/23

By Annie

3 Interesting Articles

TikTok Is Fined $15.9 Million Over Misusing Kids’ Data in Britain
NYTimes ($): TikTok will pay a fine of $15.9 million to the UK Information Commissioner’s Office (ICO) over multiple data protection violations. The violations include the unlawful use of children’s personal data and using the data of children under the age of 13 without parental consent. The ICO found that TikTok allowed an estimated 1.4 million children under the age of 13 to use the app between May 2018 and July 2020. Senior employees at TikTok raised concerns internally about underage children using the app, yet it was allowed to continue for almost two years. The company failed to give users proper information about how their data is used, gathered and shared, so children were unable to make informed choices to keep themselves safe. As we discussed in our Privacy in 2023 webinar, we will continue to see a growing push to keep children’s privacy safe and secure, along with hefty fines for companies that aren’t compliant.

Rethinking Cybersecurity’s Structure & the Role of the Modern CISO
Dark Reading: The CISO’s role has evolved beyond securing an organization’s infrastructure and protecting against cyber threats. To be successful, CISOs should focus on prevention, demonstrate progress, and set clear expectations for a collective effort to ensure security. Additionally, being a business leader first and a cyber expert second is crucial. Understanding costs, risks, tradeoffs, and business objectives creates successful relationships and outcomes. Experienced CISOs are purposeful in their strategic planning and decision-making, allowing them to manage by exception, not rule. Celebrating successes rather than pointing out failures builds support across the organization, aligns cybersecurity with business objectives, and encourages innovation. This approach can help CISOs stay ahead of emerging threats and avoid surprises or resistance that may cause them to quit.

FBI warns against using public phone charging stations
CNBC: The FBI has warned the public against using free public charging stations in airports, hotels or shopping centers. Bad actors are using them to introduce malware and monitoring software into cell phones, tablets and laptops. This technique is called “juice jacking” and has been known since 2021. Malware installed through compromised USB ports can lock a device or export personal data directly to the hacker.

2 Stats You Should Know

63% of consumers believe that the government should do more to regulate the way companies collect and use their personal information. (source)

80% of organizations using SaaS reported experiencing a security incident related to their SaaS applications in 2020. (source)

1 More Thing

This is a quick reminder to complete our survey on AI and Information Security, and you’ll be entered to win a $150 Amazon gift card. We would greatly appreciate your input and insights to help us understand how you view this innovative technology. It will only take 3 minutes of your time, but it is incredibly valuable. Please click here to access the survey!