How US federal agencies can better meet advanced event logging requirements Recently, the US Government Accountability Office (GAO) released a study tracking US federal agencies’ progress on meeting the requirements set out in OMB M-21-31. Released in 2021, the Office of Management and Budget (OMB)’s M-21-31 memorandum provided guidance and requirements for federal agencies in order to improve centralized visibility into logging data before, during, and after cybersecurity incidents.

GDPR, or the General Data Protection Regulation, is a data privacy law that many businesses around the world need to comply with. If you’re operating a business or managing a website, it’s important to know how the law applies to you and your website’s data collection processes. In this blog post, we’ll answer some fundamental questions about GDPR and provide guidance on how to get your website GDPR compliant. ‍

If you are an organisation that operates or does business in the European Union (EU), then your team is likely preparing for the NIS2 Directive, an EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU and goes into effect on October 17, 2024. However, according to a survey by cybersecurity firm Sailpoint (and a Sumo Logic customer), only 34% of organisations in the UK, France, and Germany are prepared for NIS2.

For many organizations, the transition to the cloud for data storage is inevitable. Whether shifting operations entirely to a cloud environment or modernizing your systems using cloud-based applications, you must choose the best cloud computing platform with the best cloud security for your compliance program.

As we bid farewell to 2023, let’s take a stroll down memory lane and groove through the top hits of TrustCloud’s product releases. We’re breaking down your favorite chart-toppers, from the smooth upgrades that became part of your daily rhythms to the fresh features that added a jazzy touch to your workflow. So, kick back, hit play, and scroll through the beats that made 2023 an unforgettable chapter for TrustCloud’s customers, team, and partners.

We’re excited to share that for the fifth quarter in a row, Vanta has been named the #1 Leader in G2’s Grid® Report for Security Compliance | Winter 2024. ‍ Recently crossing 800 reviews on G2, Vanta also continues to be recognized as a leader in Cloud Compliance, Cloud Security, Vendor Security and Privacy Assessment, and Vendor Management, achieving top placement in 18 categories.

When it comes to implementing security controls throughout an organization, there are a lot of cases where the work may be doubled, tripled, quadrupled or more by having to “reinvent the wheel” multiple times. It’s a common problem, but fortunately, it also has a common solution: common controls. What does all of this mean? Let’s dig in.

The rapid rise of artificial intelligence, more specifically, generative AI systems such as OpenAI’s ChatGPT, has simultaneously spurred intense development and concern over the past year. On the 30th of October, President Joe Biden signed an Executive Order that urges new federal standards for AI development, safety, security, and trustworthiness that also address many other facets of AI risk.

TrustCloud teamed up with Dan Andrea, a partner at KLR, to discuss: Read more of Dan’s suggestions below, or check out the conversation on YouTube.

If you recently took a relaxing European vacation and flew Air Europa, check your credit card statement. They are the latest victim of a malicious hack exposing customer credit card numbers, expiration dates, and even the associated stored CCV codes—which contradicts Payment Card Industry Data Security Standard (PCI DSS) regulations.