Latest News

Newly Proposed Rules from the SEC Mean New Requirements for the Financial Industry and Public

On March 9, the US Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. SEC Chair Gary Gensler highlighted in the press release that “Over the years, our disclosure regime has evolved to reflect evolving risks and investor needs. Today, cybersecurity is an emerging risk with which public issuers increasingly must contend.”

Adjusting to New Cybersecurity Regulations in 2022

Cybersecurity is a leading concern for businesses in 2022. As organizations have embraced rapid digitization, cybercrime rose alongside it, quickly illuminating how many security standards fall short. It also became evident how cybersecurity regulations need to expand to address today’s challenges. Here’s a closer look at how this regulatory landscape is shifting, why, and what businesses can do in response.

Consent versus legitimate interest - know the difference

When discussing the GDPR, a common confusion we run into is the difference between consent and legitimate interest, as well as when to use them as your legal basis for collecting, processing and storing personal data. Each of these is incredibly important in ensuring you’re connecting with your prospective customers and not stalking them.

Ultimate Guide to CPRA for US Businesses

To say that data governance and data compliance are rapidly becoming areas of immense strategic importance for businesses would be an understatement. Governments worldwide already have data protection laws in place or are busy drafting these laws. Moreover, users have become increasingly aware and educated about their rights online, especially regarding what data businesses can collect about them.

What Is the Impact of the GDPR on Online Transactions?

From the first online transaction in 1994, we have seen online transactions evolve faster than anticipated. With this also came an evolution of rules and regulations to avoid the abuse of personal data. The GDPR is one such regulation that has an important role in regulating the whole structure of online transactions. It has also led to the development of specialized fintech cybersecurity. But what exactly is the impact of the GDPR, and how is it helping?

SIEM Use Cases for Compliance with GDPR

The era we live in requires the digitalization of all subjects interacting with people, from giant companies to small-scale organizations. It is unquestionable that this trend has made significant contributions to the data collection process. But the larger the volume of data collected, the greater the risk of a security breach. For this reason, it is essential to control the security and transparency of personal data.

SEC's Proposed Disclosure Amendments: Are You Impacted?

On March 9, 2022, the Securities and Exchange Commission (SEC) announced proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting. These proposed amendments impact all public companies subject to the reporting requirements of the Securities Exchange Act of 1934. For a summary of this proposal and how to prepare for it, read on.

CCPA Compliance Checklist

The California Consumer Privacy Act (CCPA) is a data privacy regulation established in the US. Achieving and maintaining compliance with the regulation can be overwhelming for organizations. But with the right understanding of the CCPA and adherence to its requirements, achieving compliance can be easy. We explain the regulation in detail and share an informative checklist that organizations can refer to as steps to achieve CCPA compliance.

Regulating a Nation's Information Security Workforce

In a previous article, I examined Australia’s proposed Security Legislation Amendment (Critical Infrastructure) Bill 2020. This information security overhaul imposes strict reporting requirements for enterprises as well as affords the Australian government unprecedented and far-reaching powers that enable it to intervene in the operation of an organisation’s network in the event of a threat to critical infrastructure.

US legislation brings mandatory cyberattack and ransomware reporting one step closer

The US Senate has passed legislation designed to improve the cybersecurity of the Federal Government. The legislation, which consists of three bills, was unanimously passed by the Senate on Tuesday evening, and would – amongst other things – require organisations working in critical industry sectors to alert the US Government about hacks and ransomware attacks.