newsOnline Safety Bill passes final parliament debate, set to become UK lawDespite widespread criticism and scrutiny, the UK government is within touching distance of delivering its controversial new internet safety rules.By Michael HillSep 20, 20233 minsEncryptionCompliancePrivacy news analysis Cyber-related False Claims actions are on the uptickBy Cynthia BrumfieldSep 18, 20237 minsRegulationComplianceSecurity Practicesfeature Security and privacy laws, regulations, and compliance: The complete guideBy CSO StaffSep 12, 202349 minsRegulationComplianceSecurity news analysisNIST releases Cybersecurity Framework 2.0 draftBy Cynthia Brumfield Sep 12, 20237 minsComplianceCritical InfrastructureRisk Management featureHow financial institutions can reduce security and other risks from MRAsBy Perry Menezes, Partner/MD, Head, Financial Services, MorganFranklin Consulting; Ahsan Sheikh, CISRO, US Financial Services; Thomas Kartanowicz, CISO Europe and Americas, Global Financial Services Firm; Marco Maiurano, CISO, Large US Financial Services Firm; John Rogers, Global CISO, FinTech Firm; Paul Moreira, Global German Bank, Regional Head, Cyber, BCM, VRM, Operational resilience Aug 29, 202310 minsFinancial Services IndustryComplianceRisk Management newsDope Security wants to help CISOs get a handle on shadow IT By Shweta Sharma Aug 23, 20233 minsData PrivacyComplianceData and Information Security news analysisNew SEC rules give companies four days to report cyber incidentsBy Cynthia Brumfield Jul 26, 202310 minsRegulationCompliance featureWhy and how CISOs should work with lawyers to address regulatory burdensBy Rosalyn Page Jul 19, 202311 minsRegulationComplianceRisk Management newsOnly half of organizations “very prepared” to meet global data privacy lawsBy Michael Hill Jul 18, 20238 minsRegulationData PrivacyCompliance ArticlesnewsDNA Diagnostic Center fined $400,000 for 2021 data breachThe DNA testing lab said it was not even aware that the legacy databases existed in its systems at the time of the breach. By Apurva Venkat Feb 21, 2023 4 minsData BreachCompliancenewsEvolving cyberattacks, alert fatigue creating DFIR burnout, regulatory riskDigital forensics and incident response teams face increasing workloads amid evolving cyberattacks, recruiting and hiring challenges, and a lack of effective automation.By Michael Hill Feb 16, 2023 5 minsIncident ResponseInvestigation and ForensicsCompliancenewsEuropean data protection authorities issue record EUR1.65 billion in GDPR finesDLA Piper’s GDPR and Data Breach survey shows a 50% increase in fines in the last 12 months. Data protection authorities turning their focus to artificial intelligence.By Michael Hill Jan 17, 2023 4 minsRegulationData PrivacyCompliancenews analysisTwitter’s mushrooming data breach crisis could prove costlyAn apparent data breach potentially impacting hundreds of millions of users could damage Twitter's finances and operations. EU regulators pose the biggest threat to the Elon Musk-owned company.By Cynthia Brumfield Jan 06, 2023 8 minsData BreachData PrivacyCompliancefeatureCPRA explained: New California privacy law ramps up restrictions on data useThe California Privacy Rights Act more closely aligns with the EU's General Data Protection Regulation. Mid-sized companies not yet GDPR compliant face the biggest impact.By Maria Korolov Dec 27, 2022 10 minsData PrivacyComplianceSecuritynewsPCI Secure Software Standard version 1.2 sets out new payment security requirementsChanges include the Web Software Module to help payment software vendors and developers identify and implement security controls to protect against attacks.By Michael Hill Dec 13, 2022 3 minsRegulationFraudComplianceopinionThe Biden administration has racked up a host of cybersecurity accomplishmentsThe Biden administration’s intense focus on cybersecurity has resulted in an unprecedented number of initiatives. Although domestic efforts seem well-baked, opportunities exist for further leadership in the international arena.By Cynthia Brumfield Nov 23, 2022 7 minsGovernmentComplianceCritical InfrastructurenewsNew York-barred attorneys required to complete cybersecurity, privacy, and data protection trainingNew requirements highlight lawyers’ technical competence duty to meet professional, ethical, and contractual obligations to safeguard client information.By Michael Hill Nov 14, 2022 3 minsData PrivacyLegalCompliancefeatureHow to prepare for a SOC 2 audit - it's a big deal, so you'd better get readyGetting ready for one of the most demanding review processes in cybersecurity can be daunting, but experts say preparing for a SOC 2 audit can be an important part of a well-managed year-round security program.By Mary K. Pratt Nov 07, 2022 8 minsSecurity AuditsCompliancenews analysisCISA releases cybersecurity performance goals to reduce risk and impact of adversarial threatsBased on the NIST Cybersecurity Framework, the goals could become the baseline standards for cybersecurity negligence and possible future regulatory requirements.By Cynthia Brumfield Oct 31, 2022 7 minsComplianceCritical InfrastructurefeatureHow Cisco’s Cloud Control Framework helps it comply with multiple security standardsIts open-source Cloud Control Framework gives Cisco a common template to meet security standards and regulatory requirements across the globe.By Poornima Apte Oct 27, 2022 6 minsCloud SecurityCompliancenews analysisUS OMB releases guidance on federal agency software security requirementsThe guidance aims to improve the security of software federal agencies use, but expects self-attestation for compliance. By Cynthia Brumfield Sep 16, 2022 5 minsApplication SecurityComplianceCritical Infrastructure Show more Show less View all Resources whitepaper Key Control: Enterprise Key Management and Compliance Platform The platform offers decentralized security with centralized visibility across the enterprise's cryptographic ecosystem. The post Key Control: Enterprise Key Management and Compliance Platform appeared first on Whitepaper Repository. By Entrust 20 Sep 2023Application ManagementBusiness OperationsCompliance whitepaper Addressing Security Compliance with Privileged Access Management By CyberArk Software 11 Aug 2023Cloud SecurityComplianceSecurity whitepaper Addressing Security Compliance with Privileged Access Management By CyberArk Software 10 Aug 2023Cloud SecurityComplianceSecurity View all Video on demand videoAligning security, compliance and privacy across inventory trackingBrad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD’s inventory tracking system that identifies PPD's most valuable assets. Join us to learn how they distribute security resources for appropriate levels of protection, maintain compliance with government regulations and industry standards, and leverage information security controls aligned with client requirements, industry frameworks and privacy regulations. May 28, 2021 20 minsComplianceData and Information SecurityPrivacy See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos news analysis DHS unveils one common platform for reporting cyber incidents By Cynthia Brumfield Sep 25, 202310 mins RegulationRegulationRegulation news Chinese state actors behind espionage attacks on Southeast Asian government By Shweta Sharma Sep 25, 20234 mins Advanced Persistent ThreatsCyberattacks feature How to pick the best endpoint detection and response solution By Linda Rosencrance Sep 25, 202310 mins Intrusion Detection SoftwareSecurity Monitoring SoftwareData and Information Security podcast CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO podcast CSO Executive Sessions Australia with Siddiqua Shaheen, Head of Cyber Governance at Lander & Rogers Sep 07, 202317 mins CSO and CISO podcast CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO video CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO video What is zero trust security? Sep 06, 20233 mins AuthenticationZero TrustNetwork Security video CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO