Compliance

Learn how BOD 23-01 asset inventory mandates can help all organizations tighten cybersecurity.

Rather than regarding risk assessment as a negative exercise, consider it one that benefits your organization's aims, and then translate the risk level to its impact on operations, reputation, or finances.

Lea Kissner was one of three senior executives to quit this week, leaving many to wonder if the social media giant is ripe for a breach and FTC action.

There's real value in having a better perspective around future regulation and compliance requirements.

Ed-tech company Chegg is ordered by FTC to secure its systems after repeated breaches that exposed tens of millions of users' personal data.

It's not too early for firms to start preparing for change.

With provisional agreement reached on the Digital Operational Resilience Act, the clock is now ticking for banks and information and communications technology (ICT) services companies with European operations. Here's what you need to know.

Why cyber teams are now front and center for business enablement within organizations, and the significant challenges they face.

Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.

The expanding Internet of Things ecosystem is seeing a startling rate of vulnerability disclosures, leaving companies with a greater need for visibility into and patching of IoT devices.

Businesses need to re-evaluate their cyber-insurance policies as firms like Lloyd's of London continue to add restrictions, including excluding losses related to state-backed cyberattackers.

Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential.

Security pros' experience with transparency and evaluating third-party partners positions them to act as key environmental, social, and governance advisers.

A panel of CISOs at the RSA Conference outlined what a successful first 90-day plan looks like, and it boiled down to effective communication and listening.

The new draft guidance on premarket submissions incorporates quality system regulations and doubles down on a life-cycle approach to product security.