The PCI DSS Checklist is a crucial first step in securing your business. It’s a tool that helps businesses ensure they’re meeting all the requirements of the Payment Card Industry Data Security Standard (PCI DSS). By following the steps outlined in the checklist, businesses can take a comprehensive approach to security measures and access controls, and respond to new threats posed by technological advancements.

The U.S. Securities and Exchange Commission (SEC) this week voted to adopt new rules for how companies inform investors about cybersecurity concerns. The vote comes after years of gradually increasing guidance and scrutiny over companies’ handling of cybersecurity events and follows a lengthy comment period where companies, including CrowdStrike, provided input.

The U.S. Securities and Exchange Commission (SEC) announced new regulations for public companies requiring them to disclose a “material cybersecurity incident” via formal report due four business days after a company determines that a cybersecurity incident is material. This is creating a lot of buzz, with companies worried if they will be prepared.

What happened? The SEC (Securities and Exchange Commission) has introduced new rules that require public companies to be more transparent about their cybersecurity risks and any breaches they experience. This means companies will need to regularly share information about how they're managing cybersecurity risks and any significant cybersecurity incidents they've had. If a company experiences a significant cybersecurity incident, they'll need to report it within four business days.

Like a multitude of professions, the field of Information Technology (I.T.) is vast and requires specialized experience. There are network infrastructure specialists, risk and compliance analysts, cybersecurity professionals, technical generalists and more. I.T.

The Virginia Consumer Data Protection Act (VCDPA) was the second comprehensive consumer privacy law passed in the United States. The act followed the California Consumer Privacy Act (CCPA) and took effect on January 1, 2023. Commercial organizations that conduct business in Virginia and process consumer data will be the most affected by the VCDPA. Learn how UpGuard’s comprehensive cybersecurity solution can help your business remain compliant>

GRC programs are often viewed as cost centers. But, they can in fact be profit drivers by contributing to sales acceleration, cost and time savings, and risk reduction. The real question is, how can you prove that to the board? TrustCloud teamed up with ISSA to discuss.

Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month.

Yesterday the US Securities and Exchange Commission (SEC) voted 3-2 to issue long-awaited regulations that mandate uniform cyber incident disclosures for public companies. The SEC’s rulemaking progress has been lengthy and controversial, and cybersecurity experts and business advocates have been eagerly awaiting the release of the final rules after more than a year of public comment and lobbying from business and cyber experts.

The NIS2 Directive, published in December 2022, sets out a series of measures for improving cyber risk management throughout the European Union. All EU member states must apply the Directive as part of national law by October 2024. By the same date, all applicable organizations must comply with the measures set out in NIS2.