Government
PCI DSS explained: Requirements, fines, and steps to compliance
PCI DSS (Payment Card Industry Data Security Standard) is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.
The US federal cybersecurity bureaucracy: A guide
A high-level look at the national offices and organizations involved in protecting the US from cyber threats.
How GDPR has inspired a global arms race on privacy regulations
Companies with a global presence face the challenge of achieving compliance with an increasing array of regional data-protection regulations.
New PCI DSS v4.0 receives kudos for flexibility
Customization and multi-factor authentication are key features in the PCI DSS v4.0 global payment benchmark.
U.S. State Department unveils new Bureau of Cyberspace and Digital Policy
The new Bureau could enhance the United States' ability to work effectively with other nations on cybersecurity matters.
The state of privacy regulations across Asia
While GDPR looms large across the Asia-Pacific region, there are significant differences as jurisdictions develop their own national approaches to privacy. There’s also a growing focus on data security in many countries.
US, EU reach preliminary data privacy agreement
US President Biden and EU President von der Leyen say deal underscores shared values over data privacy and security surrounding transatlantic information sharing.
Internet sanctions against Russia pose risks, challenges for businesses
Sanctions on Russia for its attack on Ukraine and its response will change the way the internet is used, forcing companies to make hard decisions.
Cyber incident reporting measures approved in the omnibus spending bill
Critical infrastructure entities and federal agencies will have to report significant cyber incidents to CISA within 72 hours and ransomware attacks within 24 hours under legislation passed by the House that will likely become law.
Biden’s cryptocurrency executive order addresses illicit financial risks
Early indications are that the cryptocurrency industry will work with the U.S. government to help minimize risk and make it harder for cybercriminals to profit from their activities.
UK/US data protection claim highlights ambiguity of GDPR’s geographic scope
A data protection claim against U.S. defendants highlights the uncertainty surrounding the territorial limits of the GDPR.
Crazy quilt of state privacy laws could cost businesses $1 trillion
A new study shows that state privacy laws could create significant compliance costs for both in- and out-of-state businesses.
European nations issue record €1.1 billion in GDPR fines
Authorities across Europe issued huge amounts in GDPR fines during 2021. Luxembourg and Ireland took up the top spots, replacing Italy and Germany.
Data residency laws pushing companies toward residency as a service
Many countries now require companies that operate within their boundaries to store data on their residents locally. Using residency-as-a-service providers is becoming an important option.
SEC eyes more expansive cybersecurity requirements
New rules for publicly traded companies could add protections for consumer information, strengthen incident reporting, and require assessment of third-party risk.
Biden memo aims to bolster cybersecurity in national security systems
A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.
FTC, SEC raise legal risks surrounding the Log4j flaw
The U.S. Federal Trade Commission also threatened possible legal action for companies that don't address the risk from the Log4j vulnerabilities.