Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How to make your website GDPR compliant

GDPR, or the General Data Protection Regulation, is a data privacy law that many businesses around the world need to comply with. If you’re operating a business or managing a website, it’s important to know how the law applies to you and your website’s data collection processes. In this blog post, we’ll answer some fundamental questions about GDPR and provide guidance on how to get your website GDPR compliant. ‍

NIS2: Prepping your cybersecurity plan

If you are an organisation that operates or does business in the European Union (EU), then your team is likely preparing for the NIS2 Directive, an EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU and goes into effect on October 17, 2024. However, according to a survey by cybersecurity firm Sailpoint (and a Sumo Logic customer), only 34% of organisations in the UK, France, and Germany are prepared for NIS2.

Are the Fears about the EU Cyber Resilience Act Justified?

Discover the inner workings of the recently implemented Cyber Resilience Act (CRA) in the EU and explore why this framework has raised concerns about jeopardizing the open-source ecosystem. Join us in our latest blog post to delve into this important topic.

GDPR and Beyond: Data Privacy Regulations in a Global Context

Data privacy has emerged as a paramount concern, transcending borders and industries. The introduction of the General Data Protection Regulation (GDPR) by the European Union marked a significant milestone in the global data privacy landscape. However, the conversation around data privacy extends far beyond GDPR, encompassing various regulations worldwide.

CrowdStrike's View on the New U.S. Policy for Artificial Intelligence

The major news in technology policy circles is this month’s release of the long-anticipated Executive Order (E.O.) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. While E.O.s govern policy areas within the direct control of the U.S. government’s Executive Branch, they are important broadly because they inform industry best practices and can even potentially inform subsequent laws and regulations in the U.S. and abroad.

Experts React to SEC's Latest Cyber Disclosure Regulations

In late July, the US Securities and Exchange Commission (SEC) enacted a groundbreaking ruling for the cybersecurity industry. Amid an increasingly risky cyber landscape, the new Ruling S7-09-22 requires all registrants to disclose material cyber incidents within four days of detection and provide a detailed description of their cyber risk and governance management programs.

Exploring the Monetary Authority of Singapore's TPRM Guidelines

The Monetary Authority of Singapore (MAS) is Singapore's central bank and financial regulatory authority. Along with regulating monetary policies, banking, and currency issuance, MAS sets standards for financial institutions' operational practices. MAS’ third-party risk management guidelines provide structure for financial institutions to ensure resilience against third-party outsourcing arrangements risks, including supply chain vulnerabilities and information security.

BlackCat Ransomware's New SEC Reporting Tactic: Turn Regulations Against Victims

Man Bites Dog: In an unusual twist in cybercrime, the ransomware group BlackCat/ALPHV is manipulating the SEC's new 4-day rule on cyber incident reporting to increase pressure on their victims. This latest maneuver highlights a sophisticated understanding of regulatory impacts in ransomware strategies.

A Guide to GDPR Article 30: RoPA (Records of Processing Activities)

Data privacy has never been more critical for business success as it is today, and organizations worldwide are grappling with the stringent requirements of the General Data Protection Regulation (GDPR). One crucial aspect of GDPR compliance is maintaining a Record of Processing Activities (RoPA), which serves as a testament to an organization’s commitment to data protection. But what exactly is a RoPA, and how can organizations create and manage one effectively?

Trustwave Measures the Pros and Cons of President Biden's Executive Order to Regulate AI Development

President Joe Biden, on October 30, signed the first-ever Executive Order designed to regulate and formulate the safe, secure, and trustworthy development and use of artificial intelligence within the United States. Overall, Trustwave’s leadership commended the Executive Order, but raised several questions concerning the government’s ability to enforce the ruling and the impact it may have on AI’s development in the coming years.