Compliance

Online Safety Bill passes final parliament debate, set to become UK law

Despite widespread criticism and scrutiny, the UK government is within touching distance of delivering its controversial new internet safety rules.

By Michael Hill

Sep 20, 20233 mins

EncryptionCompliancePrivacy

By Cynthia Brumfield

Sep 18, 20237 mins

RegulationComplianceSecurity Practices

Articles

DNA Diagnostic Center fined $400,000 for 2021 data breach

The DNA testing lab said it was not even aware that the legacy databases existed in its systems at the time of the breach.

By Apurva Venkat

Feb 21, 2023 4 mins

Data BreachCompliance

Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk

Digital forensics and incident response teams face increasing workloads amid evolving cyberattacks, recruiting and hiring challenges, and a lack of effective automation.

By Michael Hill

Feb 16, 2023 5 mins

Incident ResponseInvestigation and ForensicsCompliance

DLA Piper’s GDPR and Data Breach survey shows a 50% increase in fines in the last 12 months. Data protection authorities turning their focus to artificial intelligence.

By Michael Hill

Jan 17, 2023 4 mins

RegulationData PrivacyCompliance

Twitter’s mushrooming data breach crisis could prove costly

An apparent data breach potentially impacting hundreds of millions of users could damage Twitter's finances and operations. EU regulators pose the biggest threat to the Elon Musk-owned company.

By Cynthia Brumfield

Jan 06, 2023 8 mins

Data BreachData PrivacyCompliance

CPRA explained: New California privacy law ramps up restrictions on data use

The California Privacy Rights Act more closely aligns with the EU's General Data Protection Regulation. Mid-sized companies not yet GDPR compliant face the biggest impact.

By Maria Korolov

Dec 27, 2022 10 mins

Data PrivacyComplianceSecurity

PCI Secure Software Standard version 1.2 sets out new payment security requirements

Changes include the Web Software Module to help payment software vendors and developers identify and implement security controls to protect against attacks.

By Michael Hill

Dec 13, 2022 3 mins

RegulationFraudCompliance

The Biden administration has racked up a host of cybersecurity accomplishments

The Biden administration’s intense focus on cybersecurity has resulted in an unprecedented number of initiatives. Although domestic efforts seem well-baked, opportunities exist for further leadership in the international arena.

By Cynthia Brumfield

Nov 23, 2022 7 mins

GovernmentComplianceCritical Infrastructure

New York-barred attorneys required to complete cybersecurity, privacy, and data protection training

New requirements highlight lawyers’ technical competence duty to meet professional, ethical, and contractual obligations to safeguard client information.

By Michael Hill

Nov 14, 2022 3 mins

Data PrivacyLegalCompliance

How to prepare for a SOC 2 audit - it's a big deal, so you'd better get ready

Getting ready for one of the most demanding review processes in cybersecurity can be daunting, but experts say preparing for a SOC 2 audit can be an important part of a well-managed year-round security program.

By Mary K. Pratt

Nov 07, 2022 8 mins

Security AuditsCompliance

CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats

Based on the NIST Cybersecurity Framework, the goals could become the baseline standards for cybersecurity negligence and possible future regulatory requirements.

By Cynthia Brumfield

Oct 31, 2022 7 mins

ComplianceCritical Infrastructure

How Cisco’s Cloud Control Framework helps it comply with multiple security standards

Its open-source Cloud Control Framework gives Cisco a common template to meet security standards and regulatory requirements across the globe.

By Poornima Apte

Oct 27, 2022 6 mins

Cloud SecurityCompliance

US OMB releases guidance on federal agency software security requirements

The guidance aims to improve the security of software federal agencies use, but expects self-attestation for compliance.

By Cynthia Brumfield

Sep 16, 2022 5 mins

Application SecurityComplianceCritical Infrastructure

View all

Explore a topic

Show me more

DHS unveils one common platform for reporting cyber incidents

By Cynthia Brumfield

Sep 25, 202310 mins

RegulationRegulationRegulation

Chinese state actors behind espionage attacks on Southeast Asian government

By Shweta Sharma

Sep 25, 20234 mins

Advanced Persistent ThreatsCyberattacks

How to pick the best endpoint detection and response solution

By Linda Rosencrance

Sep 25, 202310 mins

Intrusion Detection SoftwareSecurity Monitoring SoftwareData and Information Security

CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical

Sep 20, 202312 mins

CSO and CISO

CSO Executive Sessions Australia with Siddiqua Shaheen, Head of Cyber Governance at Lander & Rogers

Sep 07, 202317 mins

CSO and CISO

CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role

Sep 06, 202310 mins

CSO and CISO

CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical

Sep 20, 202312 mins

CSO and CISO

What is zero trust security?

Sep 06, 20233 mins

AuthenticationZero TrustNetwork Security

CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role

Sep 06, 202310 mins

CSO and CISO

Online Safety Bill passes final parliament debate, set to become UK law

Cyber-related False Claims actions are on the uptick

Security and privacy laws, regulations, and compliance: The complete guide

NIST releases Cybersecurity Framework 2.0 draft

How financial institutions can reduce security and other risks from MRAs

Dope Security wants to help CISOs get a handle on shadow IT

New SEC rules give companies four days to report cyber incidents

Why and how CISOs should work with lawyers to address regulatory burdens

Only half of organizations “very prepared” to meet global data privacy laws

Articles

DNA Diagnostic Center fined $400,000 for 2021 data breach

Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk

European data protection authorities issue record EUR1.65 billion in GDPR fines

Twitter’s mushrooming data breach crisis could prove costly

CPRA explained: New California privacy law ramps up restrictions on data use

PCI Secure Software Standard version 1.2 sets out new payment security requirements

The Biden administration has racked up a host of cybersecurity accomplishments

New York-barred attorneys required to complete cybersecurity, privacy, and data protection training

How to prepare for a SOC 2 audit - it's a big deal, so you'd better get ready

CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats

How Cisco’s Cloud Control Framework helps it comply with multiple security standards

US OMB releases guidance on federal agency software security requirements

Resources

Key Control: Enterprise Key Management and Compliance Platform

Addressing Security Compliance with Privileged Access Management

Addressing Security Compliance with Privileged Access Management

Video on demand

Aligning security, compliance and privacy across inventory tracking

Explore a topic

Show me more

DHS unveils one common platform for reporting cyber incidents

Chinese state actors behind espionage attacks on Southeast Asian government

How to pick the best endpoint detection and response solution

CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical

CSO Executive Sessions Australia with Siddiqua Shaheen, Head of Cyber Governance at Lander & Rogers

CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role

CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical

What is zero trust security?

CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role