news analysis: No consensus on creating a unified US cyber incident reporting framework
Comments submitted to CISA regarding its creation of cyber incident and ransom payment reporting requirements underscore how tough it will be for the agency to create a one-size-fits-all framework.
By Cynthia Brumfield | 29 Jun 2023 | 10 mins | Regulation, Ransomware, Compliance

news: Meta fined $1.3B for violating EU GDPR data transfer rules on privacy
By Charlotte Trueman | 22 May 2023 | 4 mins | Regulation, GDPR, Data Privacy

news: Vanta adds new SaaS capability to address growing concerns over vendor security
By Shweta Sharma | 03 May 2023 | 3 mins | Vendor Management

news: UK launches GovAssure cybersecurity scheme to protect government IT functions
By Michael Hill | 21 Apr 2023 | 2 mins | Government, IT Governance Frameworks, Compliance

news: UK NCSC fully launches Cyber Advisors to help SMEs meet cybersecurity standards
By Michael Hill | 18 Apr 2023 | 2 mins | IT Skills, Compliance, Careers

news analysis: Battle could be brewing over new FCC data breach reporting rules
By Cynthia Brumfield | 11 Apr 2023 | 8 mins | Regulation, Data Breach, Compliance

news: Obsidian launches new SaaS security and compliance tools
By Shweta Sharma | 05 Apr 2023 | 4 mins | Compliance, Risk Management, SaaS

news: UK fines TikTok $15.8 million for GDPR violation of children's privacy
By Jon Gold | 04 Apr 2023 | 3 mins | Regulation, Data Privacy, Compliance

news analysis: UK Data Protection and Digital Information Bill introduced in Parliament
By Michael Hill | 08 Mar 2023 | 5 mins | Regulation, Data Privacy, Compliance

Articles

opinion: The Biden administration has racked up a host of cybersecurity accomplishments
The Biden administration’s intense focus on cybersecurity has resulted in an unprecedented number of initiatives.
Although domestic efforts seem well-baked, opportunities exist for further leadership in the international arena.
By Cynthia Brumfield | 23 Nov 2022 | 7 mins | Government, Compliance, Critical Infrastructure

news: New York-barred attorneys required to complete cybersecurity, privacy, and data protection training
New requirements highlight lawyers’ technical competence duty to meet professional, ethical, and contractual obligations to safeguard client information.
By Michael Hill | 14 Nov 2022 | 3 mins | Data Privacy

feature: How to prepare for a SOC 2 audit - it's a big deal, so you'd better get ready
Getting ready for one of the most demanding review processes in cybersecurity can be daunting, but experts say preparing for a SOC 2 audit can be an important part of a well-managed year-round security program.
By Mary K. Pratt | 07 Nov 2022 | 8 mins | Security Audits, Compliance

news analysis: CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats
Based on the NIST Cybersecurity Framework, the goals could become the baseline standards for cybersecurity negligence and possible future regulatory requirements.
By Cynthia Brumfield | 31 Oct 2022 | 7 mins | Compliance, Critical Infrastructure

feature: How Cisco’s Cloud Control Framework helps it comply with multiple security standards
Its open-source Cloud Control Framework gives Cisco a common template to meet security standards and regulatory requirements across the globe.
By Poornima Apte | 27 Oct 2022 | 6 mins | Cloud Security, Compliance

news: UK ICO fines Interserve £4.4 million over cyberattack that exposed up to 113,000 employees
The UK’s independent data regulator the Information Commissioner’s Office (ICO) has handed a £4.4 million fine to British construction firm Interserve for breaking data protection law after suffering a cyberattack.
By Michael Hill | 24 Oct 2022 | 3 mins | Government, Compliance

news: UK ICO reprimands 7 organisations for failing to adhere to UK GDPR Subject Access Request laws
The Ministry of Defence, Home
Office and Virgin Media among the organisations which have failed to respond to Subject Access Request in time, if at all.
By Michael Hill | 29 Sep 2022 | 2 mins | GDPR, Compliance, Privacy

feature: Resolving conflicts between security best practices and compliance mandates
Sometimes the latest security best practices don't align with an organization's compliance templates. These are some of the areas where you might need an exception.
By Susan Bradley | 31 Aug 2022 | 5 mins | Windows Security, Compliance, Network Security

news: UK government finalises new cybersecurity regulations for telecoms providers
New telecoms security standards to come into force from October as the UK government prepares to present the Electronic Communications (Security) Measures Regulations 2022 to Parliament.
By Michael Hill | 30 Aug 2022 | 3 mins | Communications Security, Compliance, Critical Infrastructure

news: UK NCSC releases new cybersecurity guidance for major construction projects
UK National Cyber Security Centre partners with BEIS and CPNI to publish new cybersecurity guidance for protecting major construction projects such as HS2 and Crossrail.
By Michael Hill | 23 Aug 2022 | 3 mins | Construction and Engineering Industry, Compliance

news: UK NCSC announces Cyber Advisor service to help SMBs reach cybersecurity standards
The National Cyber Security Centre launches a proof-of-concept stage for its new Cyber Advisor scheme designed to offer a trusted source of cybersecurity advice to a wider range of organisations.
By Michael Hill | 25 Jul 2022 | 3 mins | Compliance, Security

news: UK NCSC, ICO urge lawyers to stop clients paying cybercrime ransoms
The UK National Cyber Security Centre and Information Commissioner’s Office warn the Law Society that paying ransoms will not protect data or lessen regulatory action.
By Michael Hill | 12 Jul 2022 | 3 mins | Ransomware, Compliance

Resources

whitepaper: The shift to a security approach for the full application stack
This whitepaper discusses how technologists can optimize security for
modern application stacks.
By WWT & AppDynamics | 05 May 2023 | Application Performance Management, Emerging Technology, IT Management

Video on demand

video: Aligning security, compliance and privacy across inventory tracking
Brad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD’s inventory tracking system that identifies PPD's most valuable assets. Join us to learn how they distribute security resources for appropriate levels of protection, maintain compliance with government regulations and industry standards, and leverage information security controls aligned with client requirements, industry frameworks and privacy regulations.
May 28, 2021 | 20 mins | Compliance, Data and Information Security, Privacy

Popular articles

opinion: What is the dark web? How to access it and what you'll find
By Darren Guccione | 01 Jul 2021 | 11 mins | Data Breach, Technology Industry, Cybercrime