Legislation

Is GDPR a priority for businesses in 2022?

Data privacy is a priority objective for businesses today, particularly after the European Union's General Data Protection Regulation (GDPR) became enforceable in 2018, as this law protects European citizens’ personal data and requires organizations to change some of their work processes.

Canadian privacy laws revisited: Is your organization staying ahead of the curve?

Illustrated by Dorathe Victor.

The Personal Information Protection and Electronic Documents Act (PIPEDA) is well known to organizations based in Canada. In place for more than 20 years, it sets out rules for how businesses should collect, use, and disclose personal information in the course of commercial activities. Personally identifiable information (PII) protected under PIPEDA includes name, age, ID number, income, ethnic origin, blood type, and more.

2022 Q1 Privacy Update - A new year sparks new initiatives

The first months of 2022 began slowly for privacy, but by the end of the first quarter we had our marching orders for the rest of the year. In the U.S., we saw an explosion of state privacy bills being put forward (again), the Senate used a seldom-used maneuver to push President Biden’s Federal Trade Commission nominee through to confirmation, and Utah became the fourth state to enact comprehensive privacy legislation.

A Quick Guide To Information Security Programs

Broadly speaking, an information security program is a set of activities and initiatives that support a company’s information technology while protecting the security of business data and enabling the company to accomplish its business objectives. An information security program safeguards the proprietary information of the business and its customers. The Gramm-Leach-Bliley Act (GLBA) has a more specific definition of what an information security program should entail.

SLACIP: How to Comply with the SOCI Act Reforms

On March 31, 2022, the Security Legislation Amendment Critical Infrastructure Protection Act 2022, also known as SLACIP, was passed by the Australian Parliament. The SLACIP Act aims to build upon the SOCI Act framework to improve the security of Australia’s critical infrastructures. To learn how the SOCI Act reforms will affect you and for guidance on how to comply with its new risk management requirements, read on.

The Impact of New Federal Banking Regulation

Let’s talk about the new federal bank regulation that goes into effect in April 2022. It will require organizations to notify about a breach within 36 hours, which is the shortest breach notification reporting requirement of any law to date. The clock starts ticking when the organization determines that an incident has occurred. A serious computer incident is usually defined as an incident that materially disrupts or degrades the performance of an organization.

Newly Proposed Rules from the SEC Mean New Requirements for the Financial Industry and Public

On March 9, the US Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. SEC Chair Gary Gensler highlighted in the press release that “Over the years, our disclosure regime has evolved to reflect evolving risks and investor needs. Today, cybersecurity is an emerging risk with which public issuers increasingly must contend.

Adjusting to New Cybersecurity Regulations in 2022

Cybersecurity is a leading concern for businesses in 2022. As organizations have embraced rapid digitization, cybercrime rose alongside it, quickly illuminating how many security standards fall short. It also became evident how cybersecurity regulations need to expand to address today’s challenges. Here’s a closer look at how this regulatory landscape is shifting, why, and what businesses can do in response.