In the 2024 edition of its annual Global Cyber Policy report, information assurance firm NCC Group estimated governments have handed out at least 2,700 fines totaling around $7.3 billion (€6.6 billion) over data privacy violations since 2020.

The report shows the increasing complexity of compliance with existing data regulations across the globe. For example, the US issued 72 of those fines, while the UK issued just 14. Yet Spain single-handedly issued over 840 fines, or over 30% of the entire global pool. Meanwhile, Ireland issued just 20 fines—but those amounted to $2.7 billion. (Ireland has historically served as a tax haven for US tech firms, which also places the nation on the front lines of European Union tech regulation.)

Enforcement strategies across jurisdictions and sectors differ dramatically. For example, two-thirds of fines in the US were in healthcare, and three out of five of those were related to data subject rights, indicating the complaints originated from consumers. The French government, though, appears to have pursued a prosecutorial strategy focusing on high-impact cases. NCC Group researchers found that while most enforcement was directed at public sector organizations, those actions tended to have far smaller fines.

Read the rest here.—TM

If you want to learn about the latest generative AI innovations, upgrade your technical toolbox, and network with industry leaders, you’re gonna wanna snag a ticket to AWS re:Invent.

Happening Dec. 2–6 in Las Vegas, AWS re:Invent features keynotes from AWS leaders with product launches and announcements, 2,500+ sessions with training and certification activities, abundant networking opportunities—and, yes, the annual re:Play party!

And for the dedicated generative AI info sessions, there are workshops ranging from beginner to advanced, so you’ll feel right at home with any level of experience.

It’s all going down in Vegas. Can’t make the trip? No sweat. Just sign up to view the livestream.

Application programming interface (API) and bot attacks are on the rise, according to a new report, costing companies and organizations billions of dollars.

September research from Imperva, a cybersecurity firm and subsidiary of aerospace and defense corporation Thales, found that API and bot attacks cost $94–$186 billion in global losses annually. Part of the reason for that is the widespread adoption of APIs, the report noted, leading to an increase in attack surface.

Erez Hasson, Imperva senior product marketing manager, told IT Brew that “part of why we wanted to focus on these two attacks specifically, is actually the overlap, which is when bots target APIs specifically.”

“Oftentimes organizations don’t necessarily have visibility into all of their APIs, which brings a common question in cybersecurity that we like to ask—how can you protect what you can’t see?” Hasson said. “Now these APIs are handling a lot of sensitive processes, sensitive information, or business processes.”

Boot camp. For Jim Routh, chief trust officer at Saviynt, the high rate of API adoption correlates to the technology’s “tremendous promise and upside potential for organizations.” While that promise and potential expands the threat surface, he told IT Brew, there’s a solution—added controls and security.

Read more here.—EH

Like newlyweds with a Williams Sonoma gift card, CIOs and CISOs have money to spend in 2024. With satisfying balances, today’s chief officers are considering emerging (and defensive) technologies.

Avasant Research, in a poll of 371 US and Canada-based IT organizations during the first half of 2024, reported “healthy, if not stellar” rates of budget increase. In all sectors: IT budgets increased, on median, by 3%—a slight dip from numbers in 2022 and 2023 (high inflation years, warned the report), but in line with the 3% growth from in 2021 and 2020.

“Never have CIOs had such a chance to make such a large impact,” Avasant wrote in its report.

More than 68% of respondents reported both “AI” and “data analytics” as spending initiatives; other top priorities included legacy systems and disaster recovery efforts.

Regarding “AI” examples, David Wagner, senior director at Avasant Research, said he’s seen “very high” investment in “copilots,” large language model-powered tools supporting work tasks like the creation of a presentation or email; Wagner also sees investments in AI-led human assistance like intelligence processing of document sets.

The interest in emerging tech gives Wagner the confidence to predict continued IT budget increases.

Keep reading here.—BH

System error: Please contact administrator. Is there a worse message to receive when managing your workflows? Nope. That’s why BetterCloud is hosting Become a Google Admin Superhero, a game-changing webinar that’ll spill the deets on how to get around all those pesky Google Workspace limits. Forget about admin headaches.