Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

According to the latest cybersecurity report of CNIL, the French data protection supervisor, France has seen a record of personal data breaches in 2021 — a near 80% increase from 2020. The CNIL carried out strict regulatory measures on French businesses and organizations in 2021, sending 135 formal notices that resulted in €214 million in fines and 18 sanctions. Nine sanctions were for inefficient data security.

Vulnerability disclosure programs (VDPs) are structured frameworks or processes for organizations to document, submit, and report security vulnerabilities to all other relevant organizations. Being ready and able to address vulnerabilities before they become problems is an essential part of any cybersecurity strategy. While VDPs are not currently required by law, the U.S. government encourages vulnerability disclosure programs as a proactive approach to cybersecurity.

The Texas Data Privacy and Security Act (TDPSA) was enacted on June 18, 2023, making Texas the tenth U.S. state to authorize a comprehensive privacy law that protects resident consumers. The TDPSA borrows many statutes from other state privacy laws, mainly the Virginia Consumer Data Protection Act (VCDPA) and the California Consumer Privacy Act (CCPA).

The Cybersecurity Maturity Model Certification (CMMC) is a US Department of Defense (DoD) certification framework that aims to protect sensitive information handled by Defense Industrial Base (DIB) contractors by establishing a set of cybersecurity standards and best practices to follow. DIB partners often handle critical DoD information and other government data to operate, which typically has various levels of sensitivity and classification.

When the Nevada Revised Statutes Chapter 603A (Nevada Privacy Law) was first proposed, it only required businesses to notify consumers in the event of a data breach. Since then, the law has been expanded and amended on several occasions. Today, the law grants resident consumers various privacy rights and requires operators and data brokers to adhere to strict data protection regulations.

Finding the perfect cybersecurity SaaS solution can be difficult considering the numerous factors that must be considered, such as the industry your organization operates in, the number of vendors your organization manages, the budget available to find a suitable security solution, and the specific use cases for your organization. Part of the selection process is to trial many different products so you can compare multiple services and find the best solution for your organization’s needs.

A critical vulnerability in FortiGate SSL VPN could allow hackers to access vulnerable systems and inject malicious code, even if Multi-Factor Authentication (MFA) is enabled. To learn how to identify whether your Fortinet product is impacted and how to quickly secure it, read on. Learn how UpGuard simplifies Vendor Risk Management >

Your choice of external attack surface management software could significantly reduce your data breach risks, but only if it has the proper set of features. To learn which features to look out for in an external ASM solution, read on. Learn how UpGuard simplifies Attack Surface Management >

Effective remediation management is critical as it has the greatest positive influence on your cybersecurity risk management lifecycle. Efficient remediation ensures vulnerabilities are completely addressed, supporting compliance management efforts and a healthy security posture, reducing overall data breach risks. Poor remediation burdens security teams with avoidable incident responses, distracting them from emerging cyber threats bloating remediation backlogs.

‍Cybersecurity and Infrastructure Security Agency (CISA) is a branch of the United States Department of Homeland Security (DHS) that is responsible for strengthening cybersecurity and infrastructure protection for critical infrastructure organizations across all levels of government.