Compliance
Compliance | News, how-tos, features, reviews, and videos
Is the EARN-IT Act a backdoor attempt to get encryption backdoors?
New bipartisan US legislation to fight online child exploitation incentivizes companies to drop end-to-end encryption, critics say.
Top cybersecurity facts, figures and statistics for 2020
From malware trends to budget shifts, we have the latest figures that quantify the state of the industry.
8 PCI DSS questions every CISO should be able to answer
PCI DSS is a standard backed by all the major credit cards and payment processors that is designed to protect credit card numbers. It specifies a set of cybersecurity controls and business practices and requires either...
Recent False Claims Act cases a caution to gov’t contractors that skimp on security
Two FCA cases unsealed in 2019 show that contractors can face multi-million-dollar penalties if they don't comply with federal government cybersecurity requirements.
9 CCPA questions every CISO should be prepared to answer
Executive management anxiety over the California Consumer Privacy Act will rise as the enforcement deadline looms. Security managers will need to know the answers to these questions.
What the Brexit Withdrawal Agreement Bill means for data protection and the GDPR
Boris Johnson's Withdrawal Agreement Bill (WAB) largely leaves existing data protection regulation in place, but changes are still possible.
5 ways to improve your security posture in 2020
What will shape the cybersecurity conversation in 2020? Only time will tell, but following these five trends will help you rise to new challenges.
How to use Microsoft Compliance Score to improve data protection
The new Compliance Score console in Microsoft 365 offers templates and advice to help meet the ever-growing list of regulatory data protection and privacy rules.
What you need to know about the US CLOUD Act and the UK COPOA Act
A new data access agreement between the UK and US streamlines law enforcement’s ability to gain access to data held on foreign soil.
China’s MLPS 2.0: Data grab or legitimate attempt to improve domestic cybersecurity?
The new version China’s Multi-Level Protection Scheme (MLPS) expands what companies fall under its purview and lower the threshold for government inspection. Should companies with operations in China be concerned?
Compliance mandates, cybersecurity best practices dominate 2019 security priorities
IDG's Security Priorities Study shows most organizations' security efforts are driven by compliance requirements and efforts to improve security best practices.
When and how to write a GDPR DPIA
Data Protection Impact Assessments are a way for companies to minimize risk around new processes and keep a record demonstrating their efforts to comply with the GDPR.
How to create an effective security policy (and 4 templates to get you started)
Download our ebook that features templates for security policies on passwords, acceptable use, email, access control, BYOD and incident response.
What is PSD2? And how it will impact the payments processing industry
The EU’s revised Payment Services Directive (PSD2), which include multifactor authentication for online European payment card transactions, will have a ripple effect on the payments processing industry in the U.S. and elsewhere.
Privacy Shield and Brexit: What now? What next?
Once the UK leaves the European Union, companies on both sides of the Atlantic will need to act to ensure compliant data flows between the UK and US under Privacy Shield.
Data privacy in the IoT age: 4 steps for reducing risk
As internet of things (IoT) devices proliferate, corporate security teams face a steep challenge around data privacy. Here's what you can do now to protect your company.
What is the CCPA and why should you care?
CCPA is the law and the only way for a business to opt-out of it is to go out of business. For businesses that want to stay in business, however, CCPA is just the beginning of things to come.
