IT Operations

IT Operations | News, how-tos, features, reviews, and videos

Binary flag of the European Union viewed through a magnifying lens and showing a ripple effect.


Twitter's mushrooming data breach crisis could prove costly

An apparent data breach potentially impacting hundreds of millions of users could damage Twitter's finances and operations. EU regulators pose the biggest threat to the Elon Musk-owned company.

zuckerberg on stage

Meta hit with $413 million fine in EU for breaking GDPR rules

Regulatory wrangling results in a huge new fine over Facebook and Instagram data handling, even as Meta vows to appeal and EU data protection groups prepare for a court battle.

CCPA | California Consumer Privacy Act  >  Satellite view of California's network of lights / lock

CPRA explained: New California privacy law ramps up restrictions on data use

The California Privacy Rights Act (CPRA) is a new law that toughens some data security requirements, brings California more in line with Europe's General Data Protection Regulation, and creates a new state agency—the California...

European Union, EU

European Commission takes step toward approving EU-US data privacy pact

The EU-US Data Privacy Framework—drafted to allow the flow of data between the US and the European Union—has cleared the first hurdle on its way to approval in the EU, but criticism of the pact makes it far from a done deal.

A network of security components overlays a credit card payment made by laptop user.

PCI Secure Software Standard version 1.2 sets out new payment security requirements

Changes include the Web Software Module to help payment software vendors and developers identify and implement security controls to protect against attacks.

joe biden cyberceomeeting public domain wh

The Biden administration has racked up a host of cybersecurity accomplishments

The Biden administration’s intense focus on cybersecurity has resulted in an unprecedented number of initiatives. Although domestic efforts seem well-baked, opportunities exist for further leadership in the international arena.


Offboarding processes pose security risks as job turnover increases: Report

Research from YouGov finds that poor offboarding practices across industries including healthcare and tech are putting companies at risk, including for loss of end-user devices and unauthorized SaaS application use.

Lady Justice statue with scales, law books. [regulation / compliance / legal liability / fairness]

New York-barred attorneys required to complete cybersecurity, privacy, and data protection training

New requirements highlight lawyers’ technical competence duty to meet professional, ethical, and contractual obligations to safeguard client information.

audit binary compliance magnifying glass investigate

How to prepare for a SOC 2 audit – it’s a big deal, so you’d better get ready

Getting ready for one of the most demanding review processes in cybersecurity can be daunting, but experts say preparing for a SOC 2 audit can be an important part of a well-managed year-round security program.

abstract industrial iot internet of things

Engineering workstation attacks on industrial control systems double: Report

Some of the biggest challenges faced in securing industrial control systems involve integrating legacy and aging operational technology with modern IT systems.

Conceptual image of three figures running toward a goal, along trend lines drawn by a large hand.

CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats

Based on the NIST Cybersecurity Framework, the goals could become the baseline standards for cybersecurity negligence and possible future regulatory requirements.

brad arkin cisco

How Cisco's Cloud Control Framework helps it comply with multiple security standards

Its open-source Cloud Control Framework gives Cisco a common template to meet security standards and regulatory requirements across the globe.

Application security  >  Software code + data protected with a lock

US OMB releases guidance on federal agency software security requirements

The guidance aims to improve the security of software federal agencies use, but expects self-attestation for compliance.

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

CISA launches incident, ransomware reporting rulemaking RFI

The U.S. Cybersecurity and Infrastructure Security Agency seeks input on a common set of cybersecurity incident reporting regulations.

A binary eye sits within the center of a targeted virtual framework.

California bill would tighten privacy protections for minors

The California legislature’s sweeping attempt to ramp up online protections for children covers a lot of ground, but critics say it’s too broad.

rules rulebook letters compliance regulation by alex ishchenko getty

Resolving conflicts between security best practices and compliance mandates

Sometimes the latest security best practices don't align with an organization's compliance templates. These are some of the areas where you might need an exception.

security audit word cloud

5 ways to unite security and compliance

Which comes first, security or compliance? In an ideal world, they work together seamlessly. Here's how to achieve that.

Privacy: An eye looks through peephole.

Spate of pending U.S. privacy initiatives could significantly impact businesses

Bolstered by the overturned Roe v. Wade decision, several privacy initiatives could force businesses to review how they process, store, and protect data.

Load More
You Might Also Like