How RegTech Simplifies Governance, Risk, and Compliance
Complying with standards such as HIPAA, PCI DSS, FISMA, and SSAE 16 SOC reporting is complex, costly, and time-consuming, especially for organizations that must comply with multiple standards. You may have heard the term “RegTech” ...
The deadline for GDPR compliance is right around the corner; is your company ready? Here’s what you need to know about this important new data protection law and what your organization must do to prepare for it.
What is GDPR?
The General Data Protection Regulation, or GDPR, was adopted by ...
As cyber threats present greater risks to enterprises of all sizes and in all industries, more are requiring that their SaaS providers and other cloud services vendors have an SOC 2 certification. Let’s examine what an SOC 2 certification is and why your cloud services business should get ...
You would never pay $1,000 upfront and $30/month for a security system to protect a shed containing $100 worth of lawn equipment. However, you wouldn’t hesitate to spend that much or more to protect your home and family. The same concept applies in information security. Different kinds of data ...
Yahoo is trying to pass the buck, but data breach responsibility starts at the top.
Who should be held responsible when a company’s systems get breached? Historically, the CIO, the CISO, or both have shouldered the lion’s share of data breach responsibility; well over half of security ...
The Federal Risk and Authorization Management Program (FedRAMP) was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with cloud providers. Like FISMA, DFARS, CJIS, and HIPAA, FedRAMP’s security controls are based on NIST ...
K-12 schools, colleges, and universities are attractive targets for hackers. Their networks contain an enormous amount of identifying information on staff members, students, and students’ families, including names, birth dates, addresses, Social Security numbers, and even health records. ...
The Federal Risk and Authorization Management Program, or FedRAMP, was designed to support the federal government’s “cloud-first” initiative by making it easier for federal agencies to contract with vendors that provide SaaS solutions and other cloud services. Unlike FISMA, which requires ...
White-Hat Hackers Are Already Being Caught in the Cryptocurrency Regulation Net
Cryptocurrencies have long been associated with cyber crime. The cryptocurrency Bitcoin was the de facto currency of the notorious online black market Silk Road, and it remains the preferred payment method on the Dark ...
Don’t depend on a cyber insurance policy to cover your losses after a ransomware attack.
Hackers have discovered that there’s fast, easy money in holding enterprise systems hostage, especially in industries that process and store highly sensitive data, such as education and healthcare. The ...
For Years, Yahoo Put Usability Ahead of Cyber Security
The massive Yahoo data breach, which compromised 500 million user accounts and put its acquisition by Verizon at risk, happened because the company repeatedly put product user experience ahead of security, the New York Times ...
If your organization processes, stores, or transmits cardholder data for the major credit card brands, you are required to be compliant with PCI DSS. While PCI DSS is not required by U.S. federal law — it is an industry standard mandated by the credit card companies — some states have laws ...