IT Operations

IT Operations | News, how-tos, features, reviews, and videos

Application security  >  Software code + data protected with a lock
nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

A binary eye sits within the center of a targeted virtual framework.

California bill would tighten privacy protections for minors

The California legislature’s sweeping attempt to ramp up online protections for children covers a lot of ground, but critics say it’s too broad.

rules rulebook letters compliance regulation by alex ishchenko getty

Resolving conflicts between security best practices and compliance mandates

Sometimes the latest security best practices don't align with an organization's compliance templates. These are some of the areas where you might need an exception.

security audit word cloud

5 ways to unite security and compliance

Which comes first, security or compliance? In an ideal world, they work together seamlessly. Here's how to achieve that.

Privacy: An eye looks through peephole.

Spate of pending U.S. privacy initiatives could significantly impact businesses

Bolstered by the overturned Roe v. Wade decision, several privacy initiatives could force businesses to review how they process, store, and protect data.


Exostar launches CMMC 2.0-compliant Microsoft 365, other solutions for SMBs

Updates aim to help small- and medium-sized business comply with the U.S. Department of Defense cybersecurity requirements.

United States Capitol Building / Congress / legislation in a digital landscape

U.S. NDAA heads into the home stretch with significant cybersecurity amendments pending

The main defense spending bill might enact the most significant pieces of U.S. cybersecurity legislation this year.

data pipeline primary

An updated pipeline security directive is underway, reflecting TSA struggles

The TSA directives issued after the Colonial Pipeline attack have been widely criticized, but the agency is working with the industry to improve them.

security monitoring

Security startup Cerby debuts with platform to manage shadow IT

The Cerby system automates and streamlines the detection and protection of "unmanageable" applications, providing a platform that centralizes application enrollment, access and monitoring.

A binary eye sits within the center of a targeted virtual framework.

U.S. data privacy and security solutions emerging at the federal level

The American Data Privacy and Protection Act bill faces a tough battle for passage, but the Biden administration is considering actions of its own.


How Microsoft Purview can help with ransomware regulatory compliance

Microsoft's renamed compliance portal provides guidance and rule-setting capability to help comply with ransomware and other security and privacy requirements.

United States Capitol building / United States Congress / abstract security concept

U.S. cybersecurity congressional outlook for the rest of 2022

The U.S. federal government has enacted important cybersecurity laws in 2022 and will likely move forward with many of these bills before the year's end.

locked data / bitcoins

How the Russia-Ukraine war makes ransomware payments harder

The war in Ukraine has increased sanctions against paying ransom demands to cybercriminal groups and cryptocurrency intermediaries based in Russia.

A gavel rests on open law book. [law / regulation / compliance / legal liability]

Security and privacy laws, regulations, and compliance: The complete guide

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.

An open lock sits on a credit card lying on a computer keyboard.

PCI DSS explained: Requirements, fines, and steps to compliance

PCI DSS (Payment Card Industry Data Security Standard) is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.

president joe biden image

A year later, Biden’s cybersecurity executive order driving positive change

Notable experts say the cybersecurity executive order has improved the nation's security posture, but more work is to be done.

CSO  >  Right and wrong buttons and question marks

NIST Cybersecurity Framework update comments highlight a gamut of needed changes

Better metrics, implementation guidance, and alignment with other frameworks are high on the list of suggested improvements to the NIST CSF.

compliance compliant regulation rules stamp gdpr

LightBeam launches data privacy automation platform to streamline compliance

New identity-centric platform designed to help businesses automate compliance against a patchwork of existing and emerging privacy regulations such as GDPR, CPRA, HIPAA and PCI DSS.

EU / European Union / GDPR data privacy, regulation, compliance

Meta fined €17 million by Irish regulator for GDPR violations

In the wake of 12 data breaches reported in 2018, Facebook’s parent company hit with hefty fine for failing to follow GDPR regulations related to its ability to demonstrate data privacy protection practices.

Load More
You Might Also Like