Many data breaches start with a compromised account from one of a company’s employees. Jérôme Berloty and Benjamin Netter decided to build a product based on that fact and launched Riot in 2020. ‍ Based in Paris, France, Riot combines learning modules and phishing simulations to raise cyber awareness and solve compliance needs. The courses are chat-based, five minutes long, and immersive and interactive, making learning more entertaining. ‍

Penn State University is in hot water again for legal and compliance violations. This time, the activities in question are related to the university’s claim to be compliant under NIST SP 800-171, as required by Executive Order 13556 (2019). As a contractor and partner of the U.S. Government, Penn State is required to implement a minimum set of security controls around Controlled Unclassified Information (CUI) it collects, creates, or handles as part of its partnership with the government.

With the advent of the Digital Personal Data Protection Act (DPDP Act) in 2023, India has taken a significant step towards safeguarding the rights of individuals, termed as ‘Data Principals’, over their personal data. This blog post aims to shed light on the rights and protections offered to Data Principals under the DPDP Act, a landmark legislation that is reshaping the landscape of data privacy in India.

Businesses with Indian customers or those accessible to Indian citizens, take note! The Digital Personal Data Protection Act (DPDP) has been passed in India. This new law, approved by the president on August 11, 2023, dictates how organizations handle personal data. The DPDP Act is not yet enforceable as the Data Protection Board of India is still being established.

Today we’re thrilled to announce that Vanta’s Role-Based Access Control (RBAC) functionality has gotten even stronger with new capabilities, including: ‍ ‍ These expanded RBAC capabilities are now generally available and demonstrate Vanta’s continued commitment to supporting the needs of larger, more advanced organizations through additional customization and flexibility across our platform. ‍

Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month. NEW: Prove the ROI of your security and privacy investments with TrustCloud Business Intelligence (BI) TrustCloud Business Intelligence is here! Now, you can see and share key results from across your compliance, risk management, and sales acceleration programs to showcase ROI, prove value, plan your resources, and easily align with stakeholders.

In the dynamic realm of data protection, understanding the consequences of non-compliance is crucial. The Digital Personal Data Protection (DPDP) Act of 2023 has set forth stringent penalties for those who fail to adhere to its provisions. We’ve delved into this new act in our series of blog posts.

This post is part of an ongoing series where you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the team’s approach to keeping Vanta—and most importantly, our customers—secure. In today’s post, you’ll hear from Rob Picard, who leads Vanta’s Security team, and Matt Cooper, who leads Vanta’s Privacy, Risk, & Compliance team. ‍