Regulation

Regulation | News, how-tos, features, reviews, and videos

Fragmented image of a Boeing 787 airplane represented in encrypted data.
USA / United States of America stars + stripes and binary code superimposed over The White House

A gavel rests on open law book. [law / regulation / compliance / legal liability]

Security and privacy laws, regulations, and compliance: The complete guide

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.

A laptop displays binary code and the flag of China.

China's PIPL privacy law imposes new data handling requirements

The Personal Information Protection Law will force global companies doing business in China to be more careful with cross-border flow of personal information.

cso security global breach networking hack invasion infiltrate 5g connected gettyimages 1211443622

Data sovereignty laws place new burdens on CISOs

More than 100 countries now require data on their citizens be stored or processed within their boundaries, presenting new data protection challenges.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

The White House initiatives and expected passage of the US infrastructure plan will set new cybersecurity standards for critical infrastructure, provide money to state and local governments.

United States Capitol building / United States Congress / abstract security concept

18 new cybersecurity bills introduced as US congressional interest heats up

The new bills, many with bi-partisan support, aim to increase cybersecurity funding, improve breach reporting, investigate cryptocurrencies, and more.

Binary flag of the European Union viewed through a magnifying lens and showing a ripple effect.

EU takes aim at ransomware with plans to make Bitcoin traceable, prohibit anonymity

The European Commission has set out new legislative proposals to make crypto transfers more traceable. While the plans will close some existing loopholes, the impact on cybercrime is likely to be minimal, experts say.

data pipeline primary

TSA issues second cybersecurity directive for pipeline companies

Experts applaud the agency's new, detailed security requirements for US pipeline operators but question how they will be enforced or monitored.

GDPR data privacy / data protection / security / risk management

What is personally identifiable information (PII)? How to protect it under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

A binary eye sits within the center of a targeted virtual framework.

Proposed bill would create a new federal agency to protect consumer data

The Data Protection Act of 2021 has wide-ranging definitions of high-risk data practices and privacy harm.

Ransomware  >  An encrypted system, held ransom with lock + chain, displays a dollar sign.

How to control ransomware? International cooperation, disrupting payments are key, experts say

Anti-ransomware acts or regulations will require global cooperation, experts say. In the meantime, ransomware victims should cooperate quickly and fully with authorities.

7 response plan be prepared are you ready typewriter

10 things to do now to reduce the cost of your next data breach

Taking these steps will save money, time, and reputation when that next breach hits.

light string in a jar at sunset / lightbulbs / ideas / innovation / brainstorming

Defining linchpins: An industry perspective on remediating Sunburst

The concept of linchpin software can be useful in assessing risk and focusing security efforts, but it comes with challenges.

A virtual checkmark in digital system / standards / quality control / certification / certificates

HITRUST explained: One framework to rule them all

HITRUST is a cybersecurity framework that seeks to unify the rules for many other existing regulatory and industry frameworks, including HIPAA, GDPR, PCI-DSS, and more.

data pipeline primary

TSA’s pipeline cybersecurity directive is just a first step experts say

The new, hastily announced security directive requires US pipeline companies to appoint a cybersecurity coordinator and report possible breaches within 12 hours.

Lady Justice statue with scales, law books. [regulation / compliance / legal liability / fairness]

FISMA basics: What federal agencies and contractors need to know

FISMA, or the Federal Information Security Management Act, is a U.S. federal law passed in 2002 that seeks to establish guidelines and cybersecurity standards for government tech infrastructure, and in so doing protect government...

Lady Justice statue with scales, law books. [regulation / compliance / legal liability / fairness]

Virginia data protection bill signed into law

The state is the second in the nation to enact a consumer data protection law along the lines of the EU's GDPR. Here's what businesses need to know about Virginia's CDPA.

healthcare data breach / medical patient privacy security violation

The HITECH Act explained: Definition, compliance, and violations

The Health Information Technology for Economic and Clinical Health (HITECH) Act aims to expand the use of electronic health records through incentives to health care providers and consumers. It also tightens rules on providers to...

high priority gauge

The most important cybersecurity topics for business executives

Data privacy, current cyberthreats, and cybersecurity culture and training top the list, but are these the right priorities?

Load More
You Might Also Like