Compliance

Compliance | News, how-tos, features, reviews, and videos

rules rulebook law compliance regulation by baloon111 getty
News Analysis

FTC, SEC raise legal risks surrounding the log4j flaw

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.
Feature

Protecting PII: Examples, laws, and standards

Gears in the form of a cloud in a binary field > Cloud controls
News Analysis

UK NCSC updates Cyber Essentials technical controls requirements and pricing structure

Technical controls update includes revisions surrounding the use of cloud services, multi-factor authentication, and password management. New pricing structure better reflects organisational size and complexity.

01 intro prediction
Feature

Top 8 cybersecurity predictions for 2022

Seeing opportunities in the mass move to remote work, cyberattackers are updating their tactics, compelling security leaders to respond. Experts make their predictions about threat reduction, compliance, supply chain management,...

iot security startups hot highlights planets rocket lock security
Feature

18 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...

USA / United States of America stars + stripes and binary code superimposed over The White House
News Analysis

NIST gears up for software security and IoT labeling pilot programs

Intended to help consumer make more secure software and IoT device purchases, the labeling guidelines are voluntary and self-policing at this time.

A binary map of china.
Opinion

China's Personal Information Protection Law (PIPL) presents challenges for CISOs

PIPL's data localization mandate places unique requirements on businesses operating in China, and regulators have great leeway to assess fines.

facial recognition - biometric security identification
News Analysis

UK ICO to fine Clearview AI £17 million for data protection law breaches

The facial recognition company is cited for not having proper data protection processes in place or a lawful reason to collect personal information, among other violations.

noops devops automated developers ai code by andrey suslov
News Analysis

NIST workshop provides clues to upcoming software supply chain security guidelines

Experts at a NIST-sponsored workshop weigh in on what might be in the final version of the Biden executive-order-mandated supply chain security guidelines.

Unitd States cybersecurity > U.S. flag with a digital network of locks instead of stars
News Analysis

Pentagon announces version 2.0 of its controversial CMMC program

CMMC 2.0 simplifies the process for SMBs, but critics say the verification process relies too much on self-attestation.

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty
News Analysis

Infrastructure bill includes $1.9 billion for cybersecurity

Passage of the infrastructure bill includes $1.9 billion for cybersecurity, and more could be on the way with the Build Back Better and other bills working their way through Congress.

A broken link in a digital chaing / weakness / vulnerability
News Analysis

CISA releases directive to remediate dangerous vulnerabilities across civilian agencies

While the move is applauded, a short timeframe to address vulnerabilities will be a challenge for security resource-strapped agencies.

mark adams adobe cso headshot
Feature

How Adobe reduced compliance fatigue

With compliance putting undo strain on product teams, Adobe SVP and CSO Mark Adams and team built an automation platform. The effort paid off in scale, speed, and reduced risk and earned the software provider a CSO50 award for...

USA / United States of America stars + stripes and binary code superimposed over The White House
News Analysis

Biden’s cybersecurity executive order, a progress report

Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.

endpoint security hacker vulnerablility secure mobile security app
News Analysis

FCC asks carriers to step up to stop SIM swapping, port-out fraud

The US federal agency puts pressure on telecom carriers to put better authentication, account protection safeguards in place.

compliance compliant regulation rules stamp gdpr
News

Telos, Splunk, and StackArmor streamline ATO compliance on AWS

The FASTTR initiative from the three cloud and security companies aims to help regulated defense contractors and software providers navigate through complex government security regulations including FedRAMP, CMMC, FISMA, and...

keeping the cloud secure cloud security lock padlock private cloud
Feature

CISA's Cloud Security Technical Reference Architecture: Where it succeeds and where it falls short

CISA's reference architecture will help federal government agencies improve cloud security, but it relies too much on outdated guidance.

healthcare data breach / medical patient privacy security violation
Opinion

Breach reporting required for health apps and devices, FTC says

A new policy statement makes it clear that the US Federal Trade Commission will hold healthcare app and device makers accountable for reporting data breaches.

Ransomware > An encrypted system, held ransom with lock + chain, displays a dollar sign.
News Analysis

US cryptocurrency exchange sanctions over ransomware likely not the last

The sanctions are aimed to cut ransomware gangs off from their revenue. Advisory on sanctions risks regarding ransomware payments also updated.

USA / United States of America stars + stripes and binary code superimposed over The White House
News Analysis

Software cybersecurity labels face practical, cost challenges

The federal government wants consumer software to have cybersecurity labels; experts question the feasibility of the mandate.

Load More
You Might Also Like
Popular Resources
See All
Most Popular