California Consumer Privacy Act is a data privacy regulation established in the US. Achieving and maintaining compliance with the regulation can be overwhelming for organizations. But with the right understanding of the CCPA Compliance regulation and adhering to the compliance requirements, achieving compliance can be easy. So, explaining the regulation in detail we have shared an informative checklist that organizations can refer to as steps to achieve CCPA compliance.

On February 15th, the International Organization for Standardization (ISO), published the latest update to “ISO/IEC 27002 Information security, cybersecurity and privacy protection — Information security controls”. This latest standard is available for personal use from their site on ISO.org for CHF 198 (Swiss Francs) or, if you prefer, US dollars, $200, at the ANSI.org webstore. I’ll also simply refer to it as ISO 27002 as most people do.

ISO 27001 (or ISO/IEC 27001) is the leading international standard on information security management. As part of a wider set of related ISO (International Organisation for Standardisation) standards - the ISO 27000 series – it provides a well-defined framework to help any business create, implement, and maintain an effective information security management system (ISMS).

In November 2018, the Australian Prudential Regulation Authority (APRA) released the Prudential Standard CPS 234 in direct response to the escalating attack landscape in the financial sector. APRA has understood these threats to be the direct result of banking services moving to more complex and heavily used digital platforms. The new Standard emerged as an offshoot to the Notifiable Data Breach Scheme, which came into effect in early 2018.

It’s that time of the year again. The annual and dreaded IT and security audit is ramping up. You just received the documentation list and need to pull everything together. You have too much real work to do, but you need to prove your compliance posture to this outsider. Using log management for compliance monitoring and documentation can make audits less stressful and time-consuming.

Here in the United States, we often focus on the cybersecurity readiness of the federal government. The reality is that state and local government departments are just as, if not more vulnerable to cyber attacks. Nearly one quarter of their employees use personal devices for work, where security teams have little visibility, enabling threat actors to execute phishing and other malicious activities. These risks will only continue to grow as in-person services continue remotely.

The dreaded data ditch. You might not even know your organization is stuck in it – the company might still be acting on gut feel as opposed to relying on data, the data you have might be ungoverned and inaccurate, or you’re waiting weeks, even months, for your teams to glean useful insights. You’re not alone. Data leaders like yourself keep falling into the data ditch.