Regulation
Regulation | News, how-tos, features, reviews, and videos
Why hacking must be addressed in digital privacy policymaking
Virtually all attention to date has been focused on developing legal and regulatory remedies to address digital privacy. But little attention has been paid to the flip side of this two-sided coin—namely, digital hacking.
On the 2020 Congressional cybersecurity agenda: Critical infrastructure, copyright exemptions
Despite the distraction of an election year, Congress is expected to give the Department of Homeland Security tools to identify critical infrastructure threats and copyright exemptions to security researchers.
Recent False Claims Act cases a caution to gov’t contractors that skimp on security
Two FCA cases unsealed in 2019 show that contractors can face multi-million-dollar penalties if they don't comply with federal government cybersecurity requirements.
5 ways to improve your security posture in 2020
What will shape the cybersecurity conversation in 2020? Only time will tell, but following these five trends will help you rise to new challenges.
Global Data Protection and the right to be forgotten
Will the United States ever get its own privacy law?
California Consumer Privacy Act (CCPA): What you need to know to be compliant
California's new privacy law, AB 375, might not burden security as much as the GDPR, but details are subject to change.
What is PSD2? And how it will impact the payments processing industry
The EU’s revised Payment Services Directive (PSD2), which include multifactor authentication for online European payment card transactions, will have a ripple effect on the payments processing industry in the U.S. and elsewhere.
What is personally identifiable information (PII)? How to protect it under GDPR
The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.
Will the US ever get serious about security and privacy?
We have the ability to drastically reduce cybercrime. So why are we still failing?
Federal cybersecurity agency on the way?
As human activity migrates into the online space, keeping the bad guys from mucking it all up becomes paramount. Does that mean it’s time for a federal cybersecurity agency?
How to conduct a proper GDPR audit: 4 key steps
Organizations subject to the EU's General Data Protection Regulation should do regular compliance audits. Here are the steps experts say you should take.
FINRA Rule 4512: U.S. SEC approves electronic signatures
The updated FINRA Rule 4512(a)(3) is now in effect, striking a blow against outdated regulations.
What is "reasonable security"? And how to meet the requirement
Privacy regulations such as the GDPR and CCPA require companies to provide "reasonable security" to protect customers' personal information. Here's how you might best achieve that standard.
Proposed changes to California Consumer Privacy Act of 2018 could rewrite privacy law
A recently proposed repeal of 2018's CCPA called the PAA would shift California even closer to the requirements of the GDPR.
Whip your information security into shape with ISO 27001
The ISO 27001 standard will help you identify potential threats to the confidentiality, integrity and availability of your company data. This simple checklist will help you come to grips with one of the best and most popular...
Does GDPR compliance reduce breach risk?
A new report from Cisco suggests that GDPR compliance reduces data breach impact. Incident response, legal and security experts agree but caution not to rely on compliance alone.
Congress steers clear of industrial control systems cybersecurity
Industry resistance to regulation, complexity of securing ICS systems are roadblocks to passage of critical infrastructure cybersecurity legislation.
