Compliance news, analysis, research, how-to, opinion, and video.

Is compliance the best insurance for managing cybersecurity risk in 2018?

Cybersecurity challenges and risks continue to emerge as top threats to business as usual for large and small organizations alike. The ability to meet these threats requires understanding emerging standards. Compliance with these new...

What does the GDPR and the "right to explanation" mean for AI?

Security teams increasingly rely on machine learning and artificial intelligence to protect assets. Will a requirement to explain how they make decisions make them less effective?

Is your cloud service provider ready for HIPAA?

Is your industry’s compliance with the Health Insurance Portability and Accountability Act of 1996 covered in the cloud?

2018 cybersecurity resolutions: check the health of your cyber compliance

Regardless of cybersecurity budgets, we can always optimize what we currently have, to better secure our organizations. The “basics” apply to every organization, of any size – if you don’t have all the boxes for compliance checked,...

Top 5 cybersecurity questions for the CISO in 2018

CISOs face many challenges as they plan for 2018. These five questions will help guide strategic discussions in a demanding year ahead.

Our top 7 cyber security predictions for 2018

Let’s face it: 2017 was a terrible year for cyber security with more phishing scams, ransomware, state-sponsored attacks, and new attack vectors. Will 2018 be better?

GDPR turbocharges identity and access management spending

Thanks to the GDPR, the identity and access management (IAM) market is predicted to reach $16 billion by 2022.

Department of Defense contractors must implement IT security controls by December 31

Organizations doing business with the U.S. Department of Defense (DOD) must demonstrate their ability to meet higher levels of IT security for their corporate network and systems by Dec. 31, 2017 or risk losing business.

5 questions to ask your CEO about cybersecurity

Why you need to go beyond compliance.

Blockchain technology may not be the best solution for GDPR compliance

Companies currently bracing for the European Union's GDPR can explore using blockchain technology solutions to meet the GDPR's data security requirements. However, as attorney Randy Sabett, CISSP, explains, it's not a fail-safe...

You may have the 'right to be forgotten’ – but you still need to know who to ask and what to ask for

What does 'right to be forgotten' from the GDPR mandate really mean? And is there an important step before we get to 'forgotten' that we are glossing over?

Achieving compliance on cloud requires perspective change

A traditional mindset toward achieving compliance in the cloud is the biggest hurdle organizations face, and overcoming it requires a change of perspective.

Improving cybersecurity: national cyber breach law or better business insurance?

In the wake of the Equifax breach, many believe a national standard for cybersecurity is needed. But are insurance requirements a better option?

Security starts at source code  —  in the cloud

Enterprises are overwhelmed, spending more every year and still losing. Something is missing. By ignoring the root cause of the issue, vendors are simply stacking more and more software on top of the same post-deployment problem.

Legal incentives for spying on employees

Monitoring employees is an uncomfortable issue for most companies and no one wants to be viewed as Big Brother. While everyone wants to trust employees, the decision to monitor must be made within the context of current regulatory and...

A cyber manifesto: cut the dilly-dallying...and let’s get after it!

Congress is dithering on dynamic cyber policy...and so private-sector, company-to-company sharing of digital security threat information is virtually at a standstill. And 143 million Equifax customers woke up this morning to learn they're...

Cyber risk systems – how to get them to get it

A cyberrisk system should align employees with your effort to secure the company.

Why does cloud need elastic PAM?

Privilege Access Management has been a difficult but important problem to solve. Doing the same in the cloud has its own set of unique challenges, which traditional PAM solutions cannot solve. The article outlines the Cloud's...

GDPR: Do you provide goods or services in the EU?

The General Data Protection Regulation applies to all organizations that provide goods and services to people in the EU. Not complying may result in fines of up to 4% of your organization’s global revenues.

Mandating privacy safeguards for the insurance sector

Insurance applications – privacy requirements ahead.
