Regulation

Regulation | News, how-tos, features, reviews, and videos

A gavel rests on open law book. [law / regulation / compliance / legal liability]
Feature

Security and privacy laws, regulations, and compliance: The complete guide

An open lock sits on a credit card lying on a computer keyboard.
Feature

PCI DSS explained: Requirements, fines, and steps to compliance

whitelisting computer security security oversight admin lockout control by metamorworks getty images
Opinion

The new cybersecurity mandate

Parsing the White House’s cybersecurity directives.

binary code spanning a world map
Feature

How GDPR has inspired a global arms race on privacy regulations

Companies with a global presence face the challenge of achieving compliance with an increasing array of regional data-protection regulations.

A network of security components overlays a credit card payment made by laptop user.
News Analysis

New PCI DSS v4.0 receives kudos for flexibility

Customization, multi-factor authentication are key features in PCI DSS v4.0 global payment benchmark.

asia fom space night shutterstock 1422245984
Feature

The state of privacy regulations across Asia

While GDPR looms large across the Asia-Pacific region, there are significant differences as jurisdictions develop their own national approaches to privacy. There’s also a growing focus on data security in many countries.

us eu flag
News

US, EU reach preliminary data privacy agreement

US President Biden and EU President von der Leyen say deal underscores shared values over data privacy and security surrounding transatlantic information sharing.

Cyber warfare > Russian missile launcher / Russian flag / binary code
Opinion

Internet sanctions against Russia pose risks, challenges for businesses

Sanctions on Russian attack for its attack on Ukraine and its response will change the way the internet is used, forcing companies to make hard decisions.

United States Capitol building / United States Congress / abstract security concept
News Analysis

Cyber incident reporting measures approved in the omnibus spending bill

Critical infrastructure entities and federal agencies will have to report significant cyber incidents to CISA within 72 hours and ransomware attacks within 24 hours under legislation passed by the House that will likely become law.

frozen bitcoin circuits
News Analysis

Biden’s cryptocurrency executive order addresses illicit financial risks

Early indications are that the cryptocurrency industry will work with the U.S. government to help minimize risk and make it harder for cybercriminals to profit from their activities.

EU / European Union / GDPR data privacy, regulation, compliance
News Analysis

UK/US data protection claim highlights ambiguity of GDPR’s geographic scope

A data protection claim against U.S. defendants highlights the uncertainty surrounding the territorial limits of the GDPR.

Privacy: An eye looks through peephole.
News

Crazy quilt of state privacy laws could cost businesses $1 trillion

A new study shows that state privacy laws could create significant compliance costs for both in- and out-of-state businesses.

8 data protection gdpr
News

European nations issue record €1.1 billion in GDPR fines

Authorities across Europe issued huge amounts in GDPR fines during 2021. Luxembourg and Ireland took up the top spots, replacing Italy and Germany.

Global geopolitical vectors
Feature

Data residency laws pushing companies toward residency as a service

Many countries now require companies that operate within its boundaries to store data on their residents locally. Using residency-as-a-service providers is becoming an important option.

3 the vertical market fintech stock market graph
News Analysis

SEC eyes more expansive cybersecurity requirements

New rules for publicly traded companies could add protections for consumer information, strengthen incident reporting, and require assessment of third-party risk.

USA / United States of America stars + stripes and binary code superimposed over The White House
News Analysis

Biden memo aims to bolster cybersecurity in national security systems

A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.

rules rulebook law compliance regulation by baloon111 getty
News Analysis

FTC, SEC raise legal risks surrounding the log4j flaw

The U.S. Federal Trade Commission also threatened possible legal action for companies that don't address the risk from the Log4j vulnerabilities.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.
Feature

What is PII? Examples, laws, and standards

Personally identifiable information (PII), is any piece of data that could be used—either alone or when combined with other data—to identify an individual. Some types of PII are obvious, such as a name or Social Security number, but...

Gears in the form of a cloud in a binary field > Cloud controls
News Analysis

UK NCSC updates Cyber Essentials technical controls requirements and pricing structure

Technical controls update includes revisions surrounding the use of cloud services, multi-factor authentication, and password management. New pricing structure better reflects organisational size and complexity.

A binary map of china.
Opinion

China's Personal Information Protection Law (PIPL) presents challenges for CISOs

PIPL's data localization mandate places unique requirements on businesses operating in China, and regulators have great leeway to assess fines.

Load More
You Might Also Like
Most Popular