Vanta has helped auditors automate and simplify thousands of compliance audits, and we’re now making the process even easier. Today we’re excited to share that we’ve added new endpoints for auditor tools to the Vanta API, leading to a better collaboration experience for auditors and customers. ‍ With our new API endpoints, audit partners can integrate their tools with Vanta, allowing them to work in their preferred systems.

On June 17, 2024, the Los Angeles County Department of Public Health (DPH) disclosed a data breach impacting more than 200,000 clients, employees, and other individuals. The stolen data includes personal, medical and financial information. The DPH said the incident took place between February 19-20, 2024, was caused by a gang of cyber criminals who gained access to the log-in credentials of email accounts of 53 employees through a phishing email.

The NIS2 Directive is the EU-wide legislation on cybersecurity that came into force in 2023, following rules introduced in 2016 (NIS). NIS2 expanded the scope of sectors and entities who need to (legally) comply with the framework. The increased scope aimed to cover the “most” critical sectors, which are vital for the economy and society, though are heavily reliant on IT.

Data is the driving force behind businesses in this digital age. From customer information and financial records to trade secrets and proprietary research, these digital assets are invaluable. As cyber threats evolve, safeguarding your organization’s data has become an utmost priority. Whether you’re a small business owner, a corporate leader, or an Information and Communication Technology (ICT) specialist, the consequences of a data breach are severe and far-reaching.

Learn how prioritizing IT compliance boosts your bottom line — and ignoring it can potentially ruin your business.

In 2022, Microsoft rebranded its compliance and risk management tools under the name Microsoft Purview. Microsoft Purview provides a wealth of valuable functionality, including capabilities formerly provided by tools like Office 365 Security and Compliance, Microsoft 365 Security Center and Microsoft Compliance Manager.

October is rapidly approaching, and that means new cybersecurity regulations known as NIS2 are set to be enacted by European Union (EU) member states. States are required to publish their local version of the NIS2 Directive into law by the 17th of October. Whilst many countries are well on track, however, some have already acknowledged they will not meet the deadline. This delay leaves organisations somewhat in the dark as to what they will need to comply with and by when.

The Health Insurance Portability and Accountability Act (HIPAA) is U.S. legislation created to set national privacy and security standards to protect the privacy of patient health information and prevent data breaches. All organizations associated with healthcare, including health insurance companies and business associates, fall under HIPAA regulations – meaning they have to comply with HIPAA compliance requirements.

You don’t have to jump through endless hoops to achieve regulatory compliance. By finding an easy way to comply with the right laws, regulations, and industry standards, regulatory compliance can offer several benefits for companies. Specific compliance requirements vary by industry and country. But in general, implementing regulatory compliance is a mandatory requirement for every sector and every company in countries with a robust business and economic landscape.

The Australian Signals Directorate (ASD) is a government agency responsible for providing foreign signals intelligence and ensuring information security for Australia’s national interests. The ASD also significantly enhances the nation’s cybersecurity through strategic advice, standards, and protective measures.