Regulation
COPPA explained: How this law protects children's privacy
The Children's Online Privacy Protection Act is a U.S. law that aims to protect the privacy and personally identifying information of children under the age of 13 who use online services.
CSO's ultimate guide to security and privacy laws, regulations, and compliance
This handy directory provides summaries and links to the full text of each security or privacy law and regulation.
HIPAA explained: definition, compliance, and violations
This landmark law imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.
GLBA explained: What the Gramm-Leach-Bliley Act means for privacy and IT security
The Gramm-Leach-Bliley Act (GLBA) is a 1999 law that allowed financial services companies to offer both commercial and investment banking, something that had been banned since the Great Depression. It has an infosec reach that goes...
The Sarbanes-Oxley Act explained: Definition, purpose, and provisions
The Sarbanes-Oxley Act (sometimes referred to as SOA, Sarbox, or SOX) is a U.S. law passed in 2002 that aimed to protect investors by preventing fraudulent accounting and financial practices at publicly traded companies.
PCI compliance: 4 steps to properly scope a PCI assessment
Although it might sound straightforward, scoping a PCI assessment can be a challenge even for experienced organizations. Experts offer their best advice for avoiding PCI missteps.
PCI DSS explained: Requirements, fines, and steps to compliance
PCI DSS is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.
California Consumer Privacy Act (CCPA): What you need to know to be compliant
The California Consumer Privacy Act (CCPA) is a law that allows any California consumer to demand to see all the information a company has saved on them, as well as a full list of all the third parties that data is shared with.
What is DLP? How data loss prevention software works and why you need it
Data loss prevention (DLP) is a set of practices (and products) that ensure that an organization's sensitive or critical data is kept safe.
New cybersecurity recommendations for US government target IoT, social media
The COVID-19 pandemic spurs the Cyberspace Solarium Commission policy initiative to issue a set of four security recommendations for the federal government in the wake of the crisis.
Top cybersecurity facts, figures and statistics
From malware trends to budget shifts, we have the latest figures that quantify the state of the industry.
The CCPA is an opportunity to get your data security house in order
As California’s privacy legislation goes into effect, it’s time to take stock of your security strategies around data and think about the future. The trend towards greater privacy is set to continue.
Why hacking must be addressed in digital privacy policymaking
Virtually all attention to date has been focused on developing legal and regulatory remedies to address digital privacy. But little attention has been paid to the flip side of this two-sided coin—namely, digital hacking.
On the 2020 Congressional cybersecurity agenda: Critical infrastructure, copyright exemptions
Despite the distraction of an election year, Congress is expected to give the Department of Homeland Security tools to identify critical infrastructure threats and copyright exemptions to security researchers.
Recent False Claims Act cases a caution to gov’t contractors that skimp on security
Two FCA cases unsealed in 2019 show that contractors can face multi-million-dollar penalties if they don't comply with federal government cybersecurity requirements.
5 ways to improve your security posture in 2020
What will shape the cybersecurity conversation in 2020? Only time will tell, but following these five trends will help you rise to new challenges.
Global Data Protection and the right to be forgotten
Will the United States ever get its own privacy law?
What is PSD2? And how it will impact the payments processing industry
The EU’s revised Payment Services Directive (PSD2), which includes multifactor authentication for online European payment card transactions, will have a ripple effect on the payments processing industry in the U.S. and elsewhere.