- If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
- [close this box]
News & Commentary
Latest Content tagged with Compliance
|
White House Email Security Faux Pas?
The Executive Office of the President isn't complying with the DMARC protocol, but that has fewer implications than some headlines would suggest.
In Pursuit of Cryptography's Holy Grail
Homomorphic encryption eliminates the need for data exposure at any point — something that certainly would be welcome these days.
6 Ways Third Parties Can Trip Up Your Security
Poor access control, inadequate patch management, and non-existent DR practices are just some of the ways a third party can cause problems
GDPR Oddsmakers: Who, Where, When Will Enforcement Hit First?
The GDPR grace period ends today. Experts take their best guesses on when data protection authorities will strike - and what kind of organizations will be first to feel the sting of the EU privacy law.
GDPR, WHOIS & the Impact on Merchant Risk Security Monitoring
The EU's General Data Protection Regulation will make it harder for law enforcement, forensic investigators, and others to track down everything from credit card fraud to child porn rings.
A Data Protection Officer's Guide to the Post-GDPR Deadline Reality
The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.
GDPR 101: Keeping Data Safe Throughout the 'Supply Chain'
There are a lot of moving pieces involved with data collection, retention, and processing in the EU's new General Data Protection Regulation. Here's how to break down responsibilities between your security team and service providers.
Compliance Complexity: The (Avoidable) Risks of Not Playing by the Rules
Achieving compliance is a challenging process, but with the right systems and customized data management policy, your organization can stay ahead of the next data breach -- and the regulators.
Encryption is Necessary, Tools and Tips Make It Easier
In the InteropITX conference, a speaker provided tips, tools, and incentives for moving to pervasive encryption in the enterprise.
Survey Shows Sensitive Data Goes Astray in Email
Many employees have trouble controlling the release of sensitive information in email.
A Data Protection Officer's Guide to GDPR 'Privacy by Design'
These five steps can show you how to start building your foundational privacy program for the EU's General Data Protection Regulation.
10 Security Innovators to Watch
Startups in the RSA Conference Innovation Sandbox competed for the title of "Most Innovative."
12 Trends Shaping Identity Management
As IAM companies try to stretch 'identity context' into all points of the cybersecurity market, identity is becoming 'its own solar system.'
Why We Need Privacy Solutions That Scale Across Borders
New privacy solutions are becoming scalable, smarter, and easier to address compliance across industries and geographies.
How GDPR Forces Marketers to Rethink Data & Security
The European regulation is making marketing technology companies re-examine their security, and that's a good thing.
Businesses Calculate Cost of GDPR as Deadline Looms
Surveys highlight the financial burden of GDPR as companies scramble to meet the May 25 deadline.
Active Cyber Defense Is an Opportunity, Not a Threat
If honest citizens can be tracked online with cookies and beacons that share where we are and what we are doing, then why should security professionals restrict their ability to hack attackers?
The Cybersecurity Mandates Keep On Coming
There's a good reason for the proliferation of mandates like the one in New York state, but companies may struggle to answer this question: "Are we in compliance?"
Report Shows Ransomware is the New Normal
A new report on malware says that the majority of companies globally have been victims of ransomware in the last 12 months.
A Data Protection Officer's Guide to the GDPR Galaxy
Impending deadline got you freaking out? These five tips might help you calm down, at least a little.
Yahoo Agrees to $80 Million Settlement with Investors
Investors alleged that Yahoo intentionally misled them about its cybersecurity practices.
What Enterprises Can Learn from Medical Device Security
In today's cloud-native world, organizations need a highly distributed approach that ties security to the workload itself in order to prevent targeted attacks.
FTC Settles with Venmo on Security Allegations
Proposed settlement addresses complaints that Venmo misrepresented its security and privacy features.
It's Not What You Know, It's What You Can Prove That Matters to Investigators
Achieving the data visibility to ensure you can provide auditors with the information they need after a breach, and do so in just a few days, has never been more difficult.
Siemens Leads Launch of Global Cybersecurity Initiative
The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.
Filing Deadline for New Infosec Law Hits NY Finance Firms Thursday
Banks and financial services companies in New York must file by tomorrow to certify they are compliant with the state Department of Financial Services’ new cybersecurity regulation, 23 NYCRR 500.
Ticking Time Bombs in Your Data Center
The biggest security problems inside your company may result from problems it inherited.
K-12 Study Gives Schools Low Marks for Protecting Student Privacy Online
Survey says local school districts and education departments lack even the most basic security and privacy safeguards.
Breach-Proofing Your Data in a GDPR World
Here are six key measures for enterprises to prioritize over the next few months.
An Action Plan to Fill the Information Security Workforce Gap
Nothing says #whorunstheworld like an all-female blue team taking down a male-dominated red team in a battle to protect sensitive customer data, and other ideas to entice women into a cyber career.
PCI DSS Adds Standard for Software-based PIN Entry
Software-Based PIN Entry on COTS (SPoC) standard supports EMV contact and contactless transactions with PIN entry on merchant mobile devices.
GDPR: Ready or Not, Here It Comes
As organizations all over the world look ahead to May 25 when Europe's General Data Protection Regulation takes effect, many will fall short.
Living with Risk: Where Organizations Fall Short
People tasked with protecting data are too often confused about what they need to do, even with a solid awareness of the threats they face.
Meltdown, Spectre Likely Just Scratch the Surface of Microprocessor Vulnerabilities
There's a lot at stake when it comes to patching the hardware flaws.
A Pragmatic Approach to Fixing Cybersecurity: 5 Steps
The digital infrastructure that supports our economy, protects our national security, and empowers our society must be made more secure, more trusted, and more reliable. Here's how.
CISO Holiday Miracle Wish List
If CISOs could make a wish to solve a problem, these would be among the top choices.
Be a More Effective CISO by Aligning Security to the Business
These five steps will you help marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.
Businesses Fail in Risk Modeling and Management: Report
Businesses struggle to quantify and manage risk, leading to wasted resources and oversight of major problems.
Security Compliance: The Less You Spend the More You Pay
The costs of complying with data protection requirements are steep, but the costs of non-compliance are even higher, a new study shows.
Gartner: IT Security Spending to Reach $96 Billion in 2018
Identity access management and security services to drive worldwide spending growth.
Ransomware Meets 'Grey's Anatomy'
Fictional Grey Sloan Memorial Hospital is locked out of its electronic medical records, but in the real world, healthcare organizations face even greater risks.
The Rising Dangers of Unsecured IoT Technology
As government regulation looms, the security industry must take a leading role in determining whether the convenience of the Internet of Things is worth the risk and compromise of unsecured devices.
Time to Pull an Uber and Disclose Your Data Breach Now
There is never a good time to reveal a cyberattack. But with EU's GDPR looming, the fallout is only going to get harder and more expensive if you wait.
We're Still Not Ready for GDPR? What is Wrong With Us?
The canary in the coalmine died 12 years ago, the law went into effect 19 months ago, but many organizations still won't be ready for the new privacy regulations when enforcement begins in May.
'Goldilocks' Legislation Aims to Clean up IoT Security
The proposed Internet of Things Cybersecurity Improvement Act of 2017 is not too hard, not too soft, and might be just right.
How Law Firms Can Make Information Security a Higher Priority
Lawyers always have been responsible for protecting their clients' information, but that was a lot easier to do when everything was on paper. Here are four best practices to follow.
What's Next after the SEC 'Insider Trading' Breach?
Last month's hack of the Securities and Exchange Commission may prove to be the most high-profile corporate gatekeeper attack to date. But it definitely won't be the last.
What's Next After HTTPS: A Fully Encrypted Web?
As the rate of HTTPS adoption grows faster by the day, it's only a matter of time before a majority of websites turn on SSL. Here's why.
GDPR Compliance: 5 Early Steps to Get Laggards Going
If you're just getting on the EU General Data Protection Regulation bandwagon, here's where you should begin.
GDPR Concerns Include 'Where's My Data Stored?'
European data protection regulations are coming like a freight train and many firms are still unprepared.
|
White Papers
Video
