Regulation

Regulation | News, how-tos, features, reviews, and videos

healthcare data breach / medical patient privacy security violation
Feature

The HITECH Act explained: Definition, compliance, and violations

high priority gauge
Cybersecurity SnippetsBy

The most important cybersecurity topics for business executives

child coder boy with computer gaming children laptop
Feature

COPPA explained: How this law protects children's privacy

The Children's Online Privacy Protection Act is a U.S. law that aims to protect the privacy and personally identifying information of children under the age of 13 who use online services.

A gavel rests on open law book. [law / regulation / compliance / legal liability]
Feature

CSO's ultimate guide to security and privacy laws, regulations, and compliance

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.

medical data accessed via tablet / healthcare IoT monitoring
Feature

HIPAA explained: definition, compliance, and violations

This landmark law imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.

wan bank networking finance2
Feature

GLBA explained: What the Graham-Leach-Bailey Act means for privacy and IT security

The Graham-Leach-Bailey Act (GLBA) is a 1999 law that allowed financial services companies to offer both commercial and investment banking, something that had been banned since the Great Depression. It has an infosec reach that goes...

compliance / regulations / rules / law / standards / policies
Feature

The Sarbanes-Oxley Act explained: Definition, purpose, and provisions

The Sarbanes-Oxley Act (sometimes referred to as SOA, Sarbox, or SOX) is a U.S. law passed in 2002 that aimed to protect investors by preventing fraudulent accounting and financial practices at publicly traded companies.

A network of security components overlays a credit card payment made by laptop user.
Feature

PCI compliance: 4 steps to properly scope a PCI assessment

Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.

An open lock sits on a credit card lying on a computer keyboard.
Feature

PCI DSS explained: Requirements, fines, and steps to compliance

PCI DSS is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.

California Consumer Privacy Act / CCPA > State flag / secured data
Feature

California Consumer Privacy Act (CCPA): What you need to know to be compliant

The California Consumer Privacy Act (CCPA) is a law that allows any California consumer to demand to see all the information a company has saved on them, as well as a full list of all the third parties that data is shared with.

open faucets leaking binary streams of data
Feature

What is DLP? How data loss prevention software works and why you need it

Data loss prevention (DLP) is a set of practices (and products) that ensure that an organization's sensitive or critical data is kept safe.

USA / United States Capitol Building / Congress / abstract digital infrastructure
News Analysis

New cybersecurity recommendations for US government target IoT, social media

The COVID-19 pandemic spurs the Cyberspace Solarium Commission policy initiative to issue a set of four security recommendations for the federal government in the wake of the crisis.

Abstract trend lines graphing change and transformation.
Opinion

Top cybersecurity facts, figures and statistics

From malware trends to budget shifts, we have the latest figures that quantify the state of the industry.

A circuit-board house.
InfoSec at Your ServiceBy

The CCPA is an opportunity to get your data security house in order

As California’s privacy legislation goes into effect, it’s time to take stock of your security strategies around data and think about the future. The trend towards greater privacy is set to continue.

Distorted and glitched binary flag of the United States of America
Opinion

Why hacking must be addressed in digital privacy policymaking

Virtually all attention to date has been focused on developing legal and regulatory remedies to address digital privacy. But little attention has been paid to the flip side of this two-sided coin—namely, digital hacking.

USA / United States Capitol Building / Congress / abstract digital infrastructure
News

On the 2020 Congressional cybersecurity agenda: Critical infrastructure, copyright exemptions

Despite the distraction of an election year, Congress is expected to give the Department of Homeland Security tools to identify critical infrastructure threats and copyright exemptions to security researchers.

gavel / money
News Analysis

Recent False Claims Act cases a caution to gov’t contractors that skimp on security

Two FCA cases unsealed in 2019 show that contractors can face multi-million-dollar penalties if they don't comply with federal government cybersecurity requirements.

security posture / cybersecurity landscape / binary eye / locks / keyholes / firewall / gears
InfoSec at Your ServiceBy

5 ways to improve your security posture in 2020

What will shape the cybersecurity conversation in 2020? Only time will tell, but following these five trends will help you rise to new challenges.

EU / European Union / GDPR data privacy, regulation, compliance
Virtual CISOBy

Global Data Protection and the right to be forgotten

Will the United States ever get its own privacy law?

financ credit pos
Feature

What is PSD2? And how it will impact the payments processing industry

The EU’s revised Payment Services Directive (PSD2), which include multifactor authentication for online European payment card transactions, will have a ripple effect on the payments processing industry in the U.S. and elsewhere.

Load More
You Might Also Like
Popular Resources
See All
Most Popular