IT Operations
IT Operations | News, how-tos, features, reviews, and videos
US Treasury Department ban on ransomware payments puts victims in tough position
The Treasury Department's advisory warns companies not to pay ransoms to sanctioned entities. The move complicates ransomware incident response and might encourage insurance carriers to drop ransomware coverage.
Avoiding the snags and snares in data breach reporting: What CISOs need to know
Ambiguities in a growing list of US reporting requirements keep CISOs up at night: Will they be compelled to report every breach even if they can prove the data was untouched? Experts advise on how to avoid trouble.
![The open jaws of a spring trap lie in wait. [danger / risk]](https://images.idgesg.net/images/article/2020/09/open_jaws_of_a_spring_trap_danger_risk_by_mevans_gettyimages-172979779_2400x1600-100858233-small.3x2.jpg?auto=webp)
Uber breach case a ‘watershed moment’ for CISOs’ liability risk
An upcoming case to determine whether the former Uber CSO failed to report a breach puts the legal liabilities of being a CISO in the spotlight. CISOs have a few options to minimize that risk.
CMMC bakes security into DoD’s supply chain, has value for all businesses
The Cybersecurity Maturity Model Certification provides a means for the DoD to certify the security capabilities of its contractors, but it's a good way to assess the cybersecurity maturity for all companies.
Homomorphic encryption: Deriving analytics and insights from encrypted data
Homomorphic encryption allows safe outsourcing of storage of computation on sensitive data to the cloud, but there are trade-offs with performance, protection and utility.
With cloud's security benefits comes systemic risks, report finds
A new report from the Carnegie Endowment for International Peace seeks to give law and policy makers a better understanding of cloud security risks.
PCI compliance: 4 steps to properly scope a PCI assessment
Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.
What the end of Privacy Shield, Brexit mean for UK-US data flows
The fall of US data agreement further complicates the post-Brexit data situation for many companies.
EU court invalidates Privacy Shield data transfer agreement
US companies receiving EU personal data under Privacy Shield will need to find a replacement legal mechanism, and the decision could affect data protection policies and procedures.
New DOE document names China, Russia as threats to US bulk power system
A US Department of Energy RFI seeks information on energy industry's supply chain security practices following executive order to develop industry regulations.
New Republican bill latest in long line to force encryption backdoors
Here we go again. Senate Republicans push a new bill to mandate "lawful access" to encrypted devices and data. It won't end until law enforcement has better cyber forensics capabilities.
Revised DOJ compliance guidance offers risk-management lessons for cybersecurity leaders
Prosecutors use this guidance to assess criminal liability in a compliance breach, so it behooves business and security leaders to understand the expectations.
Lessons learned from the ANPR data leak that shook Britain
The recent ANPR data leak raised questions regarding privacy versus data security with public surveillance systems. How do private and public organizations maintain transparency while protecting personal data?
General Data Protection Regulation (GDPR): What you need to know to stay compliant
GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...
5 tips for running a successful virtual meeting
Running an online meeting can be as easy as running an in-person meeting if you follow a few simple steps. Here are five tips for taking your meetings online without missing a beat.
8 expert tips for remote project management
Seasoned remote project managers offer next-level tips and tricks from the virtual trenches for coordinating the output and productivity of remote teams.
10 markers of a great cybersecurity program
How strong is your security program? These ten indicators will help you recognize greatness in your own organization and serve as a guide for what to look for in a partner.
Trump administration moves to revoke China Telecom's US licenses on security grounds
A legal filing claims China Telecom is in violation of federal and state cybersecurity and privacy laws, but evidence is redacted.
The Cybersecurity Maturity Model Certification explained: What defense contractors need to know
The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for implementing cybersecurity across the defense industrial base, which includes over 300,000 companies in the supply chain.
7 PSD2 questions every CISO should be prepared to answer
The EU's recently updated Payment Services Directive has several requirements that affect security, such as stronger authentication for online payments.
-
Video/Webcast
Sponsored -
eBook
Sponsored -
White Paper
-
eBook
Sponsored -
White Paper
