Staying up-to-date on the latest data breach news is something most security professionals want to do more of. These seven outlets make it much easier to find information on data breaches and analysis of them. We’ve listed them below. Take a look, and make sure you bookmark them for later reading!
Dark Reading offers shorter-form content than, for example, Krebs on Security (#5) or Schneier on Security (#7)—but if you’re looking for incident overviews, Dark Reading is a great site to look at. It offers ten sections: Attacks & Breaches, Application Security, Cloud Security, Data Leaks & Insider Threats, Endpoint Security & Privacy, Mobile Security, Network & Perimeter Security, Risk Management & Compliance, Security Management & Analytics, and Vulnerabilities & Threats.
Like Dark Reading, DataBreaches.net posts short, informative incident overviews instead of lengthy content. You can also find quick links to a number of data breach laws. Interestingly, DataBreaches.net is not run by a security professional but by a healthcare professional who, according to their own statement, “is passionate about protecting privacy…[in] hope[s] that exposing the scope and seriousness of breaches—large and small—will help inform policymaking and decisions about allocating resources to data security.”
These are both aggregators for data breach news and notifications that come from different offices of state Attorneys General. These sites are good places to look if you want to see a ton of different breach reports. For example, if you want to search through Privacy Rights Clearinghouse for payment card fraud in 2016 and 2017, it will give you an overview of all incidents that were reported during that time.
Security blogger Brian Krebs owns a blog called Krebs on Security. Krebs was a Washington Post reporter for over 10 years, and is an excellent writer. His posts are both interesting and detailed; while he covers all things cybersecurity, he homes in on critical security events and threats to networks. In late 2016, his website was hit with a major distributed denial-of-service (DDoS) attack, and he wrote a very interesting series attributing the attack to the people behind it and speculating on the reasons they brought his website down. He’s also not afraid to post a series of two or three blog posts over the span of a couple of months about a single topic. Because of his journalistic connections, people contact him when they learn of a breach, and he has broken quite a few of those stories.
Sophos’ cybersecurity blog, Naked Security, covers everything from unpatched vulnerabilities to actual data breaches that have occurred. It’s frequently used as a source of data breach news. Naked Security won the “Most Educational Blog” award at RSA 2017, which is a nice distinction.
Bruce Schneier is the CEO of IBM Resilient, a threat intel group. The Economist called Schneier an “internet-security guru,” and he’s known for his technically sophisticated blog posts. Like Brian Krebs, Schneier has been blogging on cybersecurity for years and has a great deal of insider knowledge.
Which data breach news outlets do you follow? Tweet us your suggestions—and follow @BitSight to stay up-to-date with cybersecurity and data breach news.