Compliance

EU court invalidates Privacy Shield data transfer agreement

US companies receiving EU personal data under Privacy Shield will need to find a replacement legal mechanism, and the decision could affect data protection policies and procedures.

New DOE document names China, Russia as threats to US bulk power system

A US Department of Energy RFI seeks information on the energy industry's supply chain security practices following an executive order to develop industry regulations.

New Republican bill latest in long line to force encryption backdoors

Here we go again. Senate Republicans push a new bill to mandate "lawful access" to encrypted devices and data. It won't end until law enforcement has better cyber forensics capabilities.

Revised DOJ compliance guidance offers risk-management lessons for cybersecurity leaders

Prosecutors use this guidance to assess criminal liability in a compliance breach, so it behooves business and security leaders to understand the expectations.

Lessons learned from the ANPR data leak that shook Britain

The recent ANPR data leak raised questions regarding privacy versus data security with public surveillance systems. How do private and public organizations maintain transparency while protecting personal data?

General Data Protection Regulation (GDPR): What you need to know to stay compliant

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

10 markers of a great cybersecurity program

How strong is your security program? These ten indicators will help you recognize greatness in your own organization and serve as a guide for what to look for in a partner.

Trump administration moves to revoke China Telecom's US licenses on security grounds

A legal filing claims China Telecom is in violation of federal and state cybersecurity and privacy laws, but evidence is redacted.

The Cybersecurity Maturity Model Certification explained: What defense contractors need to know

The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for implementing cybersecurity across the defense industrial base, which includes over 300,000 companies in the supply chain.

7 PSD2 questions every CISO should be prepared to answer

The EU's recently updated Payment Services Directive has several requirements that affect security, such as stronger authentication for online payments.

How CISOs and data privacy officers should work together

Close collaboration between CISOs and DPOs can benefit both roles in their efforts to better understand, align with and protect the business.

New York's SHIELD Act could change companies’ security practices nationwide

SHIELD Act provisions broaden the scope of consumer privacy and place requirements on protecting personal data for organizations that collect information on New York residents.

Is the EARN-IT Act a backdoor attempt to get encryption backdoors?

New bipartisan US legislation to fight online child exploitation incentivizes companies to drop end-to-end encryption, critics say.

Top cybersecurity facts, figures and statistics for 2020

From malware trends to budget shifts, we have the latest figures that quantify the state of the industry.

8 PCI DSS questions every CISO should be able to answer

PCI DSS is a standard backed by all the major credit cards and payment processors that is designed to protect credit card numbers. It specifies a set of cybersecurity controls and business practices and requires either...

Recent False Claims Act cases a caution to gov’t contractors that skimp on security

Two FCA cases unsealed in 2019 show that contractors can face multi-million-dollar penalties if they don't comply with federal government cybersecurity requirements.

9 CCPA questions every CISO should be prepared to answer

Executive management anxiety over the California Consumer Privacy Act will rise as the enforcement deadline looms. Security managers will need to know the answers to these questions.

What the Brexit Withdrawal Agreement Bill means for data protection and the GDPR

Boris Johnson's Withdrawal Agreement Bill (WAB) largely leaves existing data protection regulation in place, but changes are still possible.
