William Gamble Archive
The COVID-19 pandemic has resulted in many changes to the way organizations operate. It’s estimated that the number of remote workers increased from just over 4% of the workforce to almost half, with about 80% of employers allowing at least …
Recently, a client told me that he did not have any personal information on his systems, so he wasn’t subject to privacy laws. At that point, I knew he was in trouble. The problem is that there is no one …
On December 10, 2020, the Department of Health and Human Services published its proposed changes to the HIPAA (Health Insurance Portability and Accountability Act). The changes, which would not be effective until March 22, 2021, concern the right of patients …
Last year’s SolarWinds hack draws attention to a major cybersecurity issue. SolarWinds is a software development company. One of its products, Orion, is a monitoring and management platform designed to simplify IT administration. The product is very popular and is …
When it comes to cybersecurity and data privacy regulation, most U.S. businesses look at Europeans with a certain degree of smugness. After all, Europeans must deal with the onerous GDPR (General Data Protection Regulation). European organizations can use an individual’s …
PCI DSS. SOC 1 and 2. COBIT® 5. NIST CSF. NIST SP 800-53. NY SHIELD. NYDFS. ISO 27001. What are they and what do they have in common? Why should you care? How do you choose between them? They are …
Invalidation of the Privacy Shield U.S. companies that do business in the EU are in for a nasty shock. For the past four years, the EU–U.S. Privacy Shield framework has allowed them to transfer data from the EU in line …
Last week your CEO opened an email about chimpanzees in ties trashing an office. You’ve just learned the email contained malware, which has been exfiltrating valuable data to an IP address in Iran. After a brief panic attack, you start …
Let us assume you work for a company based in the U.S. Maybe you’ve heard of the European GDPR (General Data Protection Regulation). Perhaps you even heard about its requirements for cybersecurity and protecting personal information. Then you think to …
Cybersecurity breaches are always bad, but without a management system they can turn into a catastrophe. Take the plight of Lake City, Florida. It’s a small city about an hour away from Jacksonville, but it has big problems. The city’s …
