As a result of the EU’s GDPR (General Data Protection Regulation) coming into effect on May 25, 2018, more than 1,000 U.S. news sites are not available in the EU. For example, EU residents looking to read LAtimes.com will see the following …
Perhaps you’ve read that demand for qualified cybersecurity professionals dramatically outstrips supply and that an entry level salary is $54,000 a year, with an average salary nearly double that. CyberSeek have even produced this handy interactive map showing areas of …
The PCI DSS (Payment Card Industry Data Security Standard)was created in 2004 by American Express, Discover, Mastercard, Visa and JCB. It is a set of policies and procedures intended to optimize the security of credit, debit, and cash card transactions and protect cardholders against misuse of their personal information. It applies to …
Since the GDPR (General Data Protection Regulation) came into effect in May 2018, the international shortage of DPOs (data protection officers) has increased. The Regulation stipulates that certain organizations must appoint a DPO to monitor data protection compliance and act as a contact …
A key part of data privacy laws that affect North American organizations – various U.S. state legislation, HIPAA (Health Insurance Portability and Accountability Act), the EU’s GDPR (General Data Protection Regulation), and the soon-to-be-updated PIPEDA (Personal Information Protection and Electronic …
The 18-month transitional period for compliance with sections 500.06 (Audit Trail), 500.08 (Application Security), 500.13 (Limitations on Data Retention), 500.14(a) (Training and Monitoring), and 500.15 (Encryption of Nonpublic Information) of the NYDFS Cybersecurity Requirements has ended. There is still time …
Mimecast’s Email Security Risk Assessment report has revealed that BEC (business email compromise) attacks have increased by 80% in the past quarter. BEC scams target organizations to try to compromise the email account of a victim and get personal data, …
Conducting a risk assessment should be one of the first things an organization does when preparing its cybersecurity policy and program. Without a risk assessment, key threats could be overlooked, or time, effort, and resources could be wasted defending against …
The NIST Cybersecurity Framework (CSF) is a voluntary framework primarily intended for critical infrastructure organizations to manage and mitigate cybersecurity risk based on existing standards, guidelines, and practices. However, the NIST CSF has proven to be flexible enough to also be …
If your organization collects EU residents’ personal data and you aren’t compliant with the EU GDPR (General Data Protection Regulation), you’d better start preparing. The GDPR, which came into effect on 25 May 2018, introduces strict rules on data collection, …
