
Latest News

New CIP standards: Why utilities shouldn't wait to deploy

On May 9, the North American Electric Reliability Corporation (NERC) officially adopted new Critical Infrastructure Protection (CIP) requirements for Internal Network Security Monitoring (INSM). This is one of the last steps before Federal regulators make it an official standard for utilities and the electrical power grid industry. What does it mean? Compliance for CIP-015-1 is coming to your utility. Utilities will need monitoring tools with deep and wide asset intelligence and network control.

Renewable Energy Integration: Influence of NERC CIP Standards

The renewable energy revolution is in full swing, with sources like wind, solar, and storage facilities accounting for a remarkable 20% of total U.S. electricity generation in 2021. This rapidly growing sector, projected to reach a staggering $1.1 trillion globally by 2027, is set to reshape the energy landscape. However, as we embrace this sustainable future, an oft-overlooked yet critical aspect demands our attention: cybersecurity.

How Workstreet hits efficiency targets with Vanta

Established in 2019 with headquarters in Colorado, Workstreet stands out as a premier Managed Security Service Provider (MSSP) dedicated to supporting hyper-growth technology businesses with security and compliance needs. Workstreet approaches its vCISO and security services as strategic accelerators for client growth, helping clients establish, maintain, and demonstrate their security and privacy functions.

Complying With the New SEC Cybersecurity Regulations: A How-to Guide

Since the SEC's latest cybersecurity regulations went into effect, thousands of companies have already been compelled to submit their annual Form 10-K with the novel Item 1C. Similarly, dozens of organizations have filed updated Form 8-Ks to disclose cybersecurity incidents. Slowly but surely, these public reports are helping investors become more aware of the intrinsic relationship between cyber risk and market value.

Data Privacy in Online Marketing: What Is Changing & How to Adapt?

Thanks to digital innovations, we can easily connect online, but they also leave us increasingly vulnerable and exposed. 68% of consumers are concerned about the volume of data businesses collect about them, with 40% expressing a lack of trust in companies’ ethical handling of data. Therefore, it’s no surprise that data privacy regulations are constantly improving.

Navigating the NIS 2 Landscape - Part 1

The European Union (EU) is taking a significant step forward in the fight against cybercrime by introducing the Network and Information Systems Directive 2, or NIS 2. This directive represents a major overhaul of cybersecurity regulations across the continent, aiming to bolster defenses against the ever-evolving threats of the digital age. In this first of four blog posts, we will introduce the basics of NIS 2.

Achieving Automated TISAX Compliance

Cyberattacks on the automotive industry are becoming more sophisticated. In its 2024 Automotive Cybersecurity Report, Upstream found that 50% of all automotive cyber incidents in 2023 had a high or massive impact. Similarly, 95% of all attacks in 2023 were executed remotely, and 37% of attacker activities in the deep and dark web target multiple original equipment manufacturers (OEMs) simultaneously.

What is FedRAMP? (And who needs to know)

For SaaS applications and cloud service providers (CSPs), maintaining compliance with FedRAMP requirements is critical to the bottom line. It means the difference between working with U.S. government agencies—or not. But as one might expect from a bureaucratic process, getting FedRAMP authorization is complicated and takes time. Before starting the FedRAMP approval process, teams and company leaders must understand the required steps, prepare thoroughly, and muster their patience.

PCI DSS For Small Business

In an era where digital transactions reign supreme, ensuring the security of payment card data is paramount for businesses. This is where the Payment Card Industry Data Security Standard (PCI DSS) comes into play, serving as a crucial framework for safeguarding sensitive information and protecting both businesses and consumers from the ever-present threat of cybercrime. While it is generally associated with large businesses, it is equally important for smaller ones.