A Guide to GDPR Encryption
The current cyber threat landscape forces the secure handling of personal data, and data privacy laws such as the General Data Protection Regulation (GDPR) assist in enforcing essential security measures.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Legislation
A Quick Guide To Information Security Programs
Broadly speaking, an information security program is a set of activities and initiatives that support a company’s information technology while protecting the security of business data and enabling the company to accomplish its business objectives. An information security program safeguards the proprietary information of the business and its customers. The Gramm-Leach-Bliley Act (GLBA) has a more specific definition of what a security information program should entail.
SLACIP: How to Comply with the SOCI ACT Reforms
On March 31, 2022, the Security Legislation Amendment Critical Infrastructure Protection Act 2022, also known as SLACIP, was passed by the Australian Parliament. The SLACIP Act aims to build upon the SOCI Act framework to improve the security of Australia’s critical infrastructures. To learn how the SOCI Act reforms will affect you and for guidance on how to comply with its new risk management requirements, read on.
The Impact of New Federal Banking Regulation
Let’s talk about the new federal bank regulation that goes into effect in April 2022. It will require organizations to notify about a breach within 36 hours, which is the shortest breach notification reporting requirement of any law to date. The clock starts ticking when the organization determines that an incident has occurred. A serious computer incident is usually defined as an incident that materially disrupts or degrades the performance of an organization.
Newly Proposed Rules from the SEC Mean New Requirements for the Financial Industry and Public
On March 9, the US Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. SEC Chair Gary Gensler highlighted in the press release that “Over the years, our disclosure regime has evolved to reflect evolving risks and investor needs. Today, cybersecurity is an emerging risk with which public issuers increasingly must contend.
Adjusting to New Cybersecurity Regulations in 2022
Cybersecurity is a leading concern for businesses in 2022. As organizations have embraced rapid digitization, cybercrime rose alongside it, quickly illuminating how many security standards fall short. It also became evident how cybersecurity regulations need to expand to address today’s challenges. Here’s a closer look at how this regulatory landscape is shifting, why, and what businesses can do in response.
Consent versus legitimate interest - know the difference
When discussing the GDPR, a common confusion we run into is the difference between consent and legitimate interest, as well as when to use them as your legal basis for collecting, processing and storing personal data. Each of these are incredibly important in ensuring you’re connecting with your prospective customers and not stalking them.
Ultimate Guide to CPRA for US Businesses
To say that data governance and data compliance are rapidly becoming areas of immense strategic importance for businesses would be an understatement. Governments worldwide already have data protection laws in place or are busy drafting these laws. Moreover, users have become increasingly aware and educated about their rights online, especially regarding what data businesses can collect about them.
What Is the Impact of the GDPR on Online Transactions?
From the first online transaction in 1994, we have seen online transactions evolve faster than anticipated. With this also came an evolution of rules and regulations to avoid the abuse of personal data. The GDPR is one such regulation that has an important role in regulating the whole structure of online transactions. It has also led to the development of specialized fintech cybersecurity. But what exactly is the impact of the GDPR, and how is it helping?
Managing GDPR Vendor Third Party Risk Management Across Supply Chain
Vendor Third-Party Risk Management is a major concern for organizations looking to achieve GDPR Compliance. EU GDPR is a stringent Data Privacy law that organizations are expected to comply with. So, even organizations outsourcing major parts of their data processing operations to third-party vendors need to ensure that their vendors are compliant.