This is a guest article by IT Governance USA GDPR Consultant William Gamble. I am one of the few lawyers with an advanced certification in cybersecurity. I help organizations identify and comply with relevant cybersecurity and privacy laws. Four years …
Lincoln College, a private school based in Illinois, announced this week that it will be closing permanently following a ransomware attack. The liberal arts college opened in 1865, but it began suffering financial hardship during the COVID-19 pandemic. Like many …
Third-party risk management focuses on identifying and reducing risks relating to vendors, suppliers, partners, contractors, and service providers. It has become more important than ever due to the growing trend in third-party data breaches. Incidents such as the SolarWinds hack …
With the growing awareness of effective information security, it’s no surprise that so many organizations are turning to SOC 2 for guidance. SOC 2 is an auditing procedure that ensures that an organization’s service providers are managing sensitive information securely …
Last month, the U.S. Congress passed the CIRCIA (Cyber Incident Reporting for Critical Infrastructure Act of 2022), which requires organizations involved in critical infrastructure to report cybersecurity incidents within 72 hours. Jen Easterly, the head of the CISA (Cybersecurity and …
For business leaders to ensure that their corporate data and the information of their customers is secure, they must prioritize cybersecurity. Protecting the security of our devices against the threat of criminal hackers has never been more important, especially with …
There is a growing trend for organizations to invest in and promote positive social movements. Enter ESG (environmental, social, and governance) management. Organizations receive good ESG ratings for having a positive effect on society. This includes reducing their carbon footprint, …
Legislatures follow trends. Four years ago, there were only two U.S. state legislatures that proposed bills to protect consumer data. This year, there have been 34. Unfortunately, only three states – California, Virginia, and Colorado – have passed such bills. …
As the owner or manager of an organization, it’s your responsibility to protect your customers and the data that they give you. Clients typically always assume that you can be trusted, but if you experience a data breach, then not …
Litigation following a data breach is like adding insult to injury. The incident damages your reputation and slows your business as you try to correct the issues. Then you have to pay for litigation expenses and perhaps a destructive award. …