Compliance

Compliance news, analysis, research, how-to, opinion, and video.

NAIC Summer 2017 Cybersecurity Working Group

GDPR – how to make your DR compliant

With GDPR coming into effect on 25 May 2018, it's costing businesses significant time and money to ensure compliance with the new regulations. Rather this than risk a fine of 4% of turnover or €20million. But when it comes to your...

The modern guide to staying safe online

5 reasons to take a fresh look at your security policy

Evolving ransomware and DDoS attacks, new technology such as IoT, and changing user behavior are all good reasons to revise your security policy.

Know the 'real' price of vendor contracts

Although many vendor engagements result in close working relationships, the age of predatory vendors is upon us. What can you do to avoid them?

Critical Infrastructure Protection (CIP): Security problems exist despite compliance

CIP is just one of 14 mandatory NERC standards that are subject to enforcement in the U.S. However, it gets a good deal of attention because this regulation is centered around the cybersecurity of assets deemed to be critical to the...

General Data Protection Regulation (GDPR) requirements, deadlines and facts

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

What are the GDPR requirements?

Here’s how the General Data Protection Regulation (GDPR) will change how companies process, store and secure EU customer data.

‘Sometimes it is necessary to bend the rules a bit’

A recent survey asked employees why they didn’t follow the rules and much of the response sounded a bit like a child answering their parent. They might have been bored or there were too many rules to deal with.

Few firms will be ready for new European breach disclosure rules, fines

The new European General Data Protection Regulation goes into effect next May, with onerous notification requirements and high penalties, but a year might not be enough for firms to get ready.

Infographic

GDPR requirements raise the global data protection stakes

New European Union data protection rules go into effect in 2018. Will you be ready?

What Pepsi's failed ad can teach us about data privacy

Better design and planning would have prevented the Pepsi ad debacle. Those principles will also help information security teams provide better data privacy.

Cyber Resilience 2.0, now shipping

The heads of IT security gathered at a recent Think Tank and agreed on a next generation definition of cyber resilience.

Latest OWASP Top 10 looks at APIs, web apps

The new release of the OWASP Top 10 list is out from the Open Web Application Security Project, and while most of it remains the same, there are a couple of new additions, focusing on protections for web applications and APIs.

Contrast Security responds to OWASP Top 10 controversy

Contrast Security has addressed the recent backlash over section A7 of the OWASP Top 10 list for 2017. The company issued a statement on the matter after industry professionals suggested the A7 addition was an example of a vendor...

We're all responsible for combating fake news

In the darkness of fake news and phishing, it’s our job to shed a little light and equip employees with the skills to navigate treacherous waters.

Expert: NY breach report highlights third-party risk

New York reported a record high number of breaches last year, just after a new set of cybersecurity regulations went into effect in the state.

How to avoid falling for the W-2 phishing scam

The W-2 scam provides another example of how a security awareness program that adapts to trending threats has an advantage over a one-size-fits-all plan.

Updates that simplify NIST certifications

A road map that reduces time and resources required across multiple frameworks and regulations.

New financial regulations go into effect in New York

On March 1, new regulations go into effect in New York State, requiring that all regulated financial services institutions have a cybersecurity program in place, appoint a Chief Information Security Officer, and monitor the...
