In 2022, the EU’s General Data Protection Regulation (GDPR), the most powerful data privacy law in a generation, was used to fine a nosy neighbor.

Established in 2019 with headquarters in Colorado, Workstreet stands out as a premier Managed Security Service Provider (MSSP) dedicated to supporting hyper-growth technology businesses with security and compliance needs. Workstreet approaches its vCISO and security services as strategic accelerators for client growth, helping clients establish, maintain, and demonstrate their security and privacy functions. ‍

The European Union (EU) is taking a significant step forward in the fight against cybercrime by introducing the Network and Information Systems Directive 2, or NIS 2. This directive represents a major overhaul of cybersecurity regulations across the continent, aiming to bolster defenses against the ever-evolving threats of the digital age. In this first of four blog posts, we will introduce the basics of NIS 2.

‍Since the SEC's latest cybersecurity regulations went into effect, thousands of companies have already been compelled to submit their annual Form 10-K with the novel Item 1C. Similarly, dozens of organizations have filed updated Form 8-Ks to disclose cybersecurity incidents. Slowly but surely, these public reports are helping investors become more aware of the intrinsic relationship between cyber risk and market value.

Thanks to digital innovations, we can easily connect online, but they also leave us increasingly vulnerable and exposed.68% of consumers are concerned about the volume of data businesses collect about them, with 40% expressing a lack of trust in companies’ ethical handling of data. Therefore, it’s no surprise that data privacy regulations are constantly improving.

Cyberattacks on the automotive industry are becoming more sophisticated. In its 2024 Automotive Cybersecurity Report, Upstream found that 50% of all automotive cyber incidents in 2023 had a high or massive impact. Similarly, 95% of all attacks in 2023 were executed remotely, and 37% of attacker activities in the deep and dark web target multiple original equipment manufacturers (OEMs) simultaneously.

In an era where digital transactions reign supreme, ensuring the security of payment card data is paramount for businesses. This is where the Payment Card Industry Data Security Standard (PCI DSS) comes into play, serving as a crucial framework for safeguarding sensitive information and protecting both businesses and consumers from the ever-present threat of cybercrime. While it is generally associated with large businesses, it is equally important for smaller ones as well.

As a cybersecurity company, Obrela is vigilant in monitoring the evolving regulations and how these impact our clients, especially those in the financial sector. With the introduction of the Digital Operational Resilience Act (DORA), we see a transformative step forward in the European Union’s approach to financial cyber resilience. Here’s an overview of what DORA entails and what it means for financial entities.

The impact of the 2024 RSA Conference on security in San Francisco was beyond expectations. It was really a fantastic opportunity to meet an amazing group of individuals from all stages of the software supply chain from CISOs to researchers to development and security teams.

In many cases, cutting something off is necessary to avoid bigger damage. This is the idea behind controlled infrastructure removal, the elimination of some parts of your cloud infrastructure to contain an attack or remove a potential attack surface. It is an important part of infrastructure-as-code (IaC) management and something organizations need to be familiar with as they secure their cloud environments and the apps they develop.