Legislation

Featured Post

DORA Is Here - But Readiness Concerns Are Far from Over

For months, the impending Digital Operational Resilience Act (DORA) deadline has dominated boardroom discussions across the financial sector with its potential to reshape operational and regulatory practices. Now that DORA is officially in effect, attention has shifted to other matters, such as a new US presidential inauguration, AI, and fiscal concerns for 2025. Yet DORA should remain a major cause for concern as the regulation is now active and enforcement has begun. Given its likely strict enforcement, financial organisations and third parties must maintain focus on compliance to avoid major regulatory and operational risks.

Materially Missing the Mark With Cyber Event Disclosure Rules

A little over a year ago, the US SEC’s rules on cybersecurity incident disclosures were enacted, mandating that all publicly traded companies report material cyber events within four days after they had been determined as such unless exempted for national security or safety reasons. The rationale behind these rulings was that they would provide investors and relevant stakeholders with the information necessary to make more informed decisions, thereby leading to more realistically priced options.

How the Proposed HISAA Law Could Reshape Cybersecurity Compliance

It’s been a tough year for the healthcare sector. Throughout 2024, cybercriminals have unleashed a barrage of attacks on a vast number of healthcare organizations - with disconcerting levels of success. FBI research revealed that healthcare is now the US’s most targeted industry.

Best Practices for Protecting PII: How To Secure Sensitive Data

Protecting PII has never been more crucial. In today’s digital world, where data breaches are rampant, ensuring PII data security is essential to maintain trust and compliance with regulations like GDPR and CCPA. PII protection safeguards sensitive personal information, such as names, addresses, and social security numbers, from cyber threats, identity theft, and financial fraud.

DORA Non-Compliance Could Cost Your Business

Prompted by a new era of cyber-attacks surging downtime and data breaches, the Digital Operational Resilience Act (DORA) regulation came into force on the 17th of January to reshape how organisations approach security, privacy and cybersecurity. Cybercriminals are becoming increasingly daring and creative, with an expected rise in the exploitation of new vulnerabilities in 2025.

Australian Essential 8 - Tanium Tech Talks #117

Achieve continuous compliance for Australia's Essential 8 framework. See how a little hands-on innovation and a few Tanium modules combine to form an unmatched solution for compliance certainty. Not in Australia? Then watch and learn how to create your own Tanium solution. Coverage: Can you account for and manage all assets? Currency: How old is the data in your latest report? Completeness: Does testing occur on all your endpoints or just a subset? Corrective Action: How do remediation activities fit into your regime?

Common Mistakes Companies Make When Implementing GDPR Policies

The General Data Protection Regulation (GDPR) has set a high standard for data protection and privacy in the European Union, impacting businesses worldwide. While most companies recognize the importance of compliance, many make critical mistakes during implementation, leaving them vulnerable to fines and reputational damage. Here are some of the most common pitfalls and how to avoid them.

New Law Could Mean Prison for Reporting Data Leaks

The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. The new legislation proposes penalties for various cybersecurity-related offences. But the key one which has people concerned is this: The problem is, of course, that such a law may discourage the reporting of any potential data leaks.

Understanding the Proposed FAR CUI Rule

DoD, GSA, and NASA recently published a proposed amendment to the Federal Acquisition Regulation (FAR): Controlled Unclassified Information (FAR Case 2017-016) or ‘FAR CUI Rule’. It presents critical updates on managing Controlled Unclassified Information (CUI) in federal contracts, aiming to create a uniform approach across government agencies for handling and protecting sensitive information while addressing gaps in current policies.

Profits and Losses: How DORA Strengthens Financial Services Firms in the EU Before It's Too Late

The Digital Operational Resilience Act (DORA) came into effect on January 17, across the EU. This new regulation aims to fortify the cyber security defences of financial services firms and their suppliers against digital threats. Understanding DORA is crucial for businesses as it unifies cyber security regulations, reducing vulnerabilities and ensuring compliance. In this blog, we'll explore what DORA entails, its key components, and its implications for both EU and UK-based financial institutions.