Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

What You Need to Know About California's New Data Protection Law

Senate Bill 1121, more commonly known as the California Consumer Privacy Act (CCPA) was passed on September 23, 2018, and becomes effective on January 1, 2020. Already being compared to the European Union’s General Data Protection Regulation (GDPR), the new law focuses on privacy rights and encompasses both consumer protection and data protection. Thus, organizations need to know how to secure and protect information to meet the CCPA’s regulatory requirements.

What is User and Entity Behavior Analytics and why does it matter?

A lot could happen within 100 days. One could start a new company, travel around the world or train for a marathon. One hundred days is also around the average time that attackers spend frolicking around compromised networks before being detected. For countries in Europe, Middle East, and Africa the number goes up to 175, or almost half of a year. To make matters worse, the longer a breach remains undetected the more expensive it becomes.

Six Myths People Still Believe About GDPR

The General Data Protection Regulation (GDPR) came into force in May 2018, and by the letter of the law, virtually every business in the UK needs to comply with it. However, there are still some misconceptions surrounding the law and what it means to organisations. This can lead to difficult situations where mistakes can be made.

Weekly Cyber Security News 19/04/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. While not as main stream as Skype, Matrix has certainly gained a good following (one I’ve been personally watching for a few years myself). The announcement of a major breach via vulnerabilities in it’s Jenkins CI system do highlight that any door in will be taken and used to pivot into where the jewels really are.

The Importance of Threat Intelligence Feeds

Threat Intelligence Feeds, in fact, are an actionable threat data related to artifacts or indicators collected from any third-party vendors in order to learn from other company’s visibility and access to enhance your own cyber threat response and awareness. The example of these third-party vendors includes Kaspersky Threat Intelligence and Alient Vault OTX. Threat Intelligence Feeds concentrate on a single area of interest and they are delivered online.

How to Measure Internal Audit Performance

Ever-increasing cybersecurity threats have made data security a staple in all businesses that transmit, manage, or store sensitive data. However, many companies struggle with security when it is time to carry out IT audits. To determine the effectiveness of your risk management program, it is crucial to measure your organization's internal policies against the recommended industry standards and regulatory requirements.

What information does Detectify provide for PCI Compliance Requirement 6?

The Payment Card Industry Data Security Standard (PCI DSS) program provides an information security compliance benchmark for companies that are handling, processing and storing cardholder data online. Software development and vulnerability management are covered in the PCI DSS compliance requirements as this concerns products and applications created to handle cardholder data.