Government

Government | News, how-tos, features, reviews, and videos

Defining linchpins: An industry perspective on remediating Sunburst

The concept of linchpin software can be useful in assessing risk and focusing security efforts, but it comes with challenges.

HITRUST explained: One framework to rule them all

HITRUST is a cybersecurity framework that seeks to unify the rules for many other existing regulatory and industry frameworks, including HIPAA, GDPR, PCI-DSS, and more.

TSA’s pipeline cybersecurity directive is just a first step, experts say

The new, hastily announced security directive requires US pipeline companies to appoint a cybersecurity coordinator and report possible breaches within 12 hours.

CSO's ultimate guide to security and privacy laws, regulations, and compliance

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.

The 7 deadly sins of records retention

Record retention is both a fact of life and a growing headache for organizations burdened by a spiraling number of regulations and legal obligations. Here are worst (and best) practices for securing data and documents.

FISMA basics: What federal agencies and contractors need to know

FISMA, or the Federal Information Security Management Act, is a U.S. federal law passed in 2002 that seeks to establish guidelines and cybersecurity standards for government tech infrastructure, and in so doing protect government...

Virginia data protection bill signed into law

The state is the second in the nation to enact a consumer data protection law along the lines of the EU's GDPR. Here's what businesses need to know about Virginia's CDPA.

Cyber Diplomacy Act aims to elevate America's global cybersecurity standing

The new bill has bipartisan support to improve the US's ability to prevent and respond to cyberattacks and correct missteps of the Trump administration.

The HITECH Act explained: Definition, compliance, and violations

The Health Information Technology for Economic and Clinical Health (HITECH) Act aims to expand the use of electronic health records through incentives to health care providers and consumers. It also tightens rules on providers to...

The most important cybersecurity topics for business executives

Data privacy, current cyberthreats, and cybersecurity culture and training top the list, but are these the right priorities?

COPPA explained: How this law protects children's privacy

The Children's Online Privacy Protection Act is a U.S. law that aims to protect the privacy and personally identifying information of children under the age of 13 who use online services.

HIPAA explained: definition, compliance, and violations

HIPAA (the Health Insurance Portability and Accountability Act) is a law passed in 1996 that imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.

SolarWinds hack is quickly reshaping Congress’s cybersecurity agenda

More cybersecurity funding for states and Capitol, new breach reporting rules, and ransomware-related bills will likely be on the agenda for the 117th Congress.

GLBA explained: What the Gramm-Leach-Bliley Act means for privacy and IT security

The Gramm-Leach-Bliley Act (GLBA) is a 1999 law that allowed financial services companies to offer both commercial and investment banking, something that had been banned since the Great Depression. It has an infosec reach that goes...

The Sarbanes-Oxley Act explained: Definition, purpose, and provisions

The Sarbanes-Oxley Act (sometimes referred to as SOA, Sarbox, or SOX) is a U.S. law passed in 2002 that aimed to protect investors by preventing fraudulent accounting and financial practices at publicly traded companies.

PCI compliance: 4 steps to properly scope a PCI assessment

Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.

PCI DSS explained: Requirements, fines, and steps to compliance

PCI DSS is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.

California Consumer Privacy Act (CCPA): What you need to know to be compliant

The California Consumer Privacy Act (CCPA) is a law that allows any California consumer to demand to see all the information a company has saved on them, as well as a full list of all the third parties that data is shared with.
