Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Understanding The Gramm-Leach-Bliley Act (GLBA) Privacy Rule

The Gramm-Leach-Bliley Act, known as the GLBA, was passed in 1999 under President Clinton. The goal of the GLBA was to update and modernize the financial industry. Today, it’s primarily used to protect customer and consumer information, with steep penalties for financial institutions that violate its privacy rules. Here’s what you need to know about the GLBA and its regulations.

Data Protection 2022: New U.S. State Laws Reflect Convergence of Privacy and Security Requirements

Many countries around the world recognized Data Protection Day in January — a day that highlights the importance of protecting individual privacy and data against misuse. The U.S. celebrated Data Privacy Day, where privacy and security have often been seen as two separate issues. This is evidenced by the way law has historically developed.

The Federal Trade Commission Announces New Updates

The Federal Trade Commission (FTC) put significant updates into effect on January 10th, 2022, to strengthen the Standards for Safeguarding Customer Information (Safeguards Rule) under the Gramm-Leach-Bliley Act (GLBA) to protect consumer data collected by financial institutions. The amendment applies to nonbank financial institutions and requires them to develop, implement, and maintain a comprehensive cybersecurity program in order to protect their customers’ information.

Cybersecurity Laws - Get Ready Today to Save Some Money Tomorrow

It looks likely that the UK will join a growing number of nations promoting cybersecurity’s importance for businesses including the introduction of new laws. Amongst the proposals being considered are adding new powers to the UK Cyber Security Council that could significantly change the reporting requirements associated with security incidents. From what has been shared to date, two points that stand out are as follows.

California Consumer Privacy Act (CCPA) Compliance: What you need to know to be compliant

The California consumer privacy act (CCPA) is a law that was passed in 2018, and it is in effect from January 1st 2020. The California attorney general’s office has not taken any enforcement action against firms that did not meet the standards until July 1st 2020. A lot of people are unsure about what this new law means for them. Like the GDPR, there are significant penalties for non-CCPA compliance and potential loss of consumer loyalty.

Understanding Monetary Authority of Singapore's (MAS) Guidance: Safeguarding Your Financial Institution's Cloud Environment

As a major financial hub in Asia and globally, Singapore is very aware of the challenges facing the financial industry, especially the accelerated digital transformation that stemmed from the COVID-19 pandemic. In response to the sector’s increased exposure to cloud technology, the Monetary Authority of Singapore (MAS) has released a guideline to address cybersecurity risks associated with the adoption of public clouds.

How Will ISO 27701 and the GDPR Affect Your Organization?

Companies today face increasing pressure to implement strong cybersecurity controls. While the U.S. has no comprehensive cybersecurity law, many organizations still fall under state, international, or industry regulations. Two of the most prominent controlling publications are the General Data Protection Regulation (GDPR), and the ISO 27701 standard. One has the force of law, and the other is a guiding framework, respectively. Both of these documents apply to an increasing number of businesses.

Will China's Personal Information Protection Law be a game-changer for data security?

20th August 2021, dawned a new era for China’s cybersecurity with the passing of China’s Personal Information Protection Law (PIPL) which is the first comprehensive legal attempt to define personal information and regulate its storing, transferring, and processing.

Australia Leads with Controversial Cyber Laws

The Australian government is looking to pass the Security Legislation Amendment (Critical Infrastructure) Bill 2020, an overhaul which is aimed to help Australian businesses fend off cyberattacks. The Bill expands the business sectors that were previously defined as critical infrastructure by adding, amongst others, Food and Grocery, Finance and Banking, Universities, Communications, Defense, Energy, and Transportation to the list.