Regulation

Regulation | News, how-tos, features, reviews, and videos

Cyber warfare  >  Russian missile launcher / Russian flag / binary code

Internet sanctions against Russia pose risks, challenges for businesses

Sanctions on Russian attack for its attack on Ukraine and its response will change the way the internet is used, forcing companies to make hard decisions.

United States Capitol building / United States Congress / abstract security concept

Cyber incident reporting measures approved in the omnibus spending bill

Critical infrastructure entities and federal agencies will have to report significant cyber incidents to CISA within 72 hours and ransomware attacks within 24 hours under legislation passed by the House that will likely become law.

frozen bitcoin circuits

Biden’s cryptocurrency executive order addresses illicit financial risks

Early indications are that the cryptocurrency industry will work with the U.S. government to help minimize risk and make it harder for cybercriminals to profit from their activities.

EU / European Union / GDPR data privacy, regulation, compliance

UK/US data protection claim highlights ambiguity of GDPR’s geographic scope

A data protection claim against U.S. defendants highlights the uncertainty surrounding the territorial limits of the GDPR.

Privacy: An eye looks through peephole.

Crazy quilt of state privacy laws could cost businesses $1 trillion

A new study shows that state privacy laws could create significant compliance costs for both in- and out-of-state businesses.

8 data protection gdpr

European nations issue record €1.1 billion in GDPR fines

Authorities across Europe issued huge amounts in GDPR fines during 2021. Luxembourg and Ireland took up the top spots, replacing Italy and Germany.

Global geopolitical vectors

Data residency laws pushing companies toward residency as a service

Many countries now require companies that operate within its boundaries to store data on their residents locally. Using residency-as-a-service providers is becoming an important option.

3 the vertical market fintech stock market graph

SEC eyes more expansive cybersecurity requirements

New rules for publicly traded companies could add protections for consumer information, strengthen incident reporting, and require assessment of third-party risk.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden memo aims to bolster cybersecurity in national security systems

A national security memorandum places new cybersecurity requirements for reporting and preventing security incidents involving sensitive national security systems.

rules rulebook law compliance regulation by baloon111 getty

FTC, SEC raise legal risks surrounding the log4j flaw

The U.S. Federal Trade Commission also threatened possible legal action for companies that don't address the risk from the Log4j vulnerabilities.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

What is PII? Examples, laws, and standards

Personally identifiable information (PII), is any piece of data that could be used—either alone or when combined with other data—to identify an individual. Some types of PII are obvious, such as a name or Social Security number, but...

Gears in the form of a cloud in a binary field  >  Cloud controls

UK NCSC updates Cyber Essentials technical controls requirements and pricing structure

Technical controls update includes revisions surrounding the use of cloud services, multi-factor authentication, and password management. New pricing structure better reflects organisational size and complexity.

A binary map of china.

China's Personal Information Protection Law (PIPL) presents challenges for CISOs

PIPL's data localization mandate places unique requirements on businesses operating in China, and regulators have great leeway to assess fines.

Fragmented image of a Boeing 787 airplane represented in encrypted data.

TSA to issue cybersecurity requirements for US rail, aviation sectors

New rules include reporting incidents to CISA and naming cybersecurity leads, but experts and industry representatives cite lack of input.

australia electric utility towers shutterstock 2049243227

How Jemena is preparing for Australia’s coming critical infrastructure cybersecurity obligations

The transition from voluntary best practice to auditable government requirement may expose gaps in critical infrastructure operators’ risk management.

USA / United States of America stars + stripes and binary code superimposed over The White House

Software cybersecurity labels face practical, cost challenges

The federal government wants consumer software to have cybersecurity labels; experts question the feasibility of the mandate.

A laptop displays binary code and the flag of China.

China's PIPL privacy law imposes new data handling requirements

The Personal Information Protection Law will force global companies doing business in China to be more careful with cross-border flow of personal information.

cso security global breach networking hack invasion infiltrate 5g connected gettyimages 1211443622

Data sovereignty laws place new burdens on CISOs

More than 100 countries now require data on their citizens be stored or processed within their boundaries, presenting new data protection challenges.

data security / padlock / binary code / digital display

RBI’s ban on new Mastercard cards could boost local data security in India

A 2018 rule requiring that customers’ payment data be stored in India was enforced against Mastercard, American Express, and Diners Club in 2021, as a strong signal India intends to keep customer data in local hands.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

The White House initiatives and expected passage of the US infrastructure plan will set new cybersecurity standards for critical infrastructure, provide money to state and local governments.

Load More