Compliance

How to get your Cyber Essentials certification: A process guide

Oct 4, 2024 By Vanta In Vanta

Most organizations today are heavily reliant on technology, regardless of the product or service they provide. This expands their data exposure points and potential attack surface, which is why there is a significant need to monitor the risks and vulnerabilities in the cybersecurity landscape. ‍ Cyber Essentials certification is a comprehensive cybersecurity strategy involving vigilance over various scattered technologies, policies, and controls.

Read Post

Vanta

Read more about How to get your Cyber Essentials certification: A process guide

The critical risk in DORA financial regulations

Oct 4, 2024 By [email protected] In JUMPSEC

Supply chain attacks are a growing concern, particularly within the financial sector, with attackers increasingly using key technology suppliers as a ‘jumpbox’ to pivot into their intended target organisation. Last year’s MOVEit breach for instance saw a single ICT supplier ultimately cause ~2,356 organisations to be compromised, with primary victims predominantly in the financial sector.

Read Post

JUMPSEC

Read more about The critical risk in DORA financial regulations

GitGuardian Introduces European Data Hosting to Ensure Data Sovereignty and GDPR Compliance

Oct 3, 2024 By Ferdinand Boas In GitGuardian

GitGuardian introduces European data hosting for its Secrets Detection Platform SaaS, ensuring data sovereignty and GDPR compliance. Discover how our new EU hosting options help enterprises meet regulatory requirements and protect sensitive data with ease.

Read Post

GitGuardian

Read more about GitGuardian Introduces European Data Hosting to Ensure Data Sovereignty and GDPR Compliance

Must-Know Strategies for DORA Compliance

Oct 2, 2024 By Rubrik In Rubrik

In this episode of CISO Conversations: EU Data Regulations, Richard Cassidy, EMEA Field CISO at Rubrik, is joined by Anna Delaney, Director of Productions at Information Security Media Group (ISMG), to explore why the Digital Operational Resilience Act (DORA) makes operational resilience a priority for financial services organizations. They discuss how DORA will impact your financial institution, how to best prepare for DORA and improve operational resilience, and how to increase oversight and accountability of third parties in the supply chain.

View Video

Rubrik

Read more about Must-Know Strategies for DORA Compliance

Understanding EAR Compliance Regulations: Tips for US and non-US Companies

Oct 2, 2024 By Irena Mroz In archTIS

Coauthored with Eva Galfi, CEO & Principal Consultant, International Trade Advisors Pty Ltd The Department of Commerce’s Bureau of Industry and Security (BIS) implements and enforces the Export Administration Regulations (EAR) to regulate the export, reexport and transfer (in-country) commercial and less sensitive military items. If you need to comply with or learn more about US export control requirements, read our 6 W’s EAR Compliance to help you comply with these strict U.S.

Read Post

archTIS

Read more about Understanding EAR Compliance Regulations: Tips for US and non-US Companies

How companies subject to HIPAA requirements manage sensitive data with Datadog

Oct 2, 2024 By Edith Mendez In Datadog

Healthcare organizations face unique challenges in managing and processing vast amounts of personal information, such as medical records, insurance information, Social Security numbers, and more. To accelerate patient care, these organizations are under pressure to rapidly share this information among providers, insurers, and patients—all within the landscape of a rapidly evolving cloud environment.

Read Post

Datadog

Read more about How companies subject to HIPAA requirements manage sensitive data with Datadog

Monitoring Your Files for Security and Compliance

Oct 1, 2024 By John Salmi In Tripwire

Have you ever stopped to consider all of the components that comprise a working automobile? Even a cursory examination reveals more parts than might be considered when we turn the ignition key. However, many of these components are useless when detached from the full product. A steering wheel without a car is not exactly an efficient mode of transportation.

Read Post

Tripwire

Read more about Monitoring Your Files for Security and Compliance

CMMC 2.0: A Roadmap to Compliance with Trustwave

Oct 1, 2024 By Trustwave In Trustwave

The U.S. Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) 2.0 has passed through the Office of Information and Regulatory Affairs and is now on its way to Congress, set to become law by Q4 2024. With the CMMC becoming official law, its full implementation in defense contracts will occur through a phased approach over three years starting in 2025.

Read Post

Trustwave

Read more about CMMC 2.0: A Roadmap to Compliance with Trustwave

Is VAPT required for ISO 27001 compliance?

Oct 1, 2024 By Indusface In Indusface

It’s considered a best practice to regularly conduct VAPT to identify and fix vulnerabilities in systems, applications, and networks, ensuring robust security.

View Video

Indusface

Read more about Is VAPT required for ISO 27001 compliance?

Data Protection Officers and Their Key Responsibilities

Sep 30, 2024 By Narendra Sahoo In VISTA InfoSec

Data breaches, cyberattacks and misuse of personal information are severe threats challenging the privacy of customer’s data, they can not only damage a company’s reputation but can also lead to heavy fines if compromised. To overcome these challenges, data protection laws are established. Data protection laws safeguard personal information and establish important guidelines on collection, storage, processing, sharing and disposal of personal data.

Read Post