As companies scramble to meet the requirements of the Bay State's data security law, CSOonline.com offers this collection of articles and podcasts to help IT security practitioners and compliance officers find the best approach. Ask IT security practitioners what their greatest compliance concern is these days and most will mention Mass 201 CMR 17.It is one of many state laws companies must heed, on top of such industry standards as PCI DSS and federal laws like HIPAA and Sarbanes-Oxley.CSOonline.com has been covering the challenges of Mass. 201 CMR 17 extensively, and has assembled this collection of articles and audio content to help companies plot their course. We hope you find it helpful.ARTICLES Mass 201 CMR 17: A Survival Guide for the AnxiousSecurity experts offer tips for navigating Mass 201 CMR 17. Will your business be ready? Why Mass. 201 CMR 17 Deadline Was ExtendedCompanies that live or do business in Massachusetts have a few extra months to meet compliance deadlines for the state’s tough 201 CMR 17 data protection law. The simple reason: Too few understand the law to meet the original deadlines.Mass. 201 CMR 17: The Darkness and the LightSome security experts say Massachusetts’ new data protection law (Mass. 201 CMR 17) is among the toughest they’ve seen. Three IT security practitioners who must deal with the law opine on whether it’s too harsh or not tough enough.Mass. Data Protection Law Amended, Deadline Extended (Again)Extension gives businesses until next year to comply with tough data privacy rules CSO Disclosure Series | The Dos and Don’ts of Disclosure LettersOne security breach, two letters, 11 lessons in the art of telling customers you screwed up. Two PR pros deconstruct the messages that Monster.com and USAJOBS were really giving to customers whose personal information had been disclosed. Part of an in-depth series about disclosing breaches. Related content news analysis DHS unveils one common platform for reporting cyber incidents Ahead of CISA cyber incident reporting regulations, DHS issued a report on harmonizing 52 cyber incident reporting requirements, presenting a model common reporting platform that could encompass them all. By Cynthia Brumfield Sep 25, 2023 10 mins Regulation Regulation Regulation news Chinese state actors behind espionage attacks on Southeast Asian government The distinct groups of activities formed three different clusters, each attributed to a specific APT group. By Shweta Sharma Sep 25, 2023 4 mins Advanced Persistent Threats Cyberattacks feature How to pick the best endpoint detection and response solution EDR software has emerged as one of the preeminent tools in the CISO’s arsenal. Here’s what to look for and what to avoid when choosing EDR software. By Linda Rosencrance Sep 25, 2023 10 mins Intrusion Detection Software Security Monitoring Software Data and Information Security feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Data and Information Security IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe