Blog - Cyber Security Informer

What is the CCPA and What’s Needed for Compliance?

Digital Guardian

SEPTEMBER 7, 2023

You've heard of the CCPA but what are the costs of noncompliance? We answer those questions and look at how organizations can use a DLP solution to help facilitate CCPA compliance in this blog.

From Google Cloud Blog: “Improving security, compliance, and governance with cloud-based DLP data…

Anton on Security

OCTOBER 21, 2020

From Google Cloud Blog: “Improving security, compliance, and governance with cloud-based DLP data discovery” So, I’ve been doing some blogging at Google Cloud blog with most posts connected to products, launches, etc. However, I am also doing a fun blog series on DLP in the cloud.

Government

Government Cloud Migration Data breaches Risk

How to prepare for the California Consumer Privacy Act

Thales Cloud Protection & Licensing

AUGUST 15, 2019

375 the California Consumer Privacy Act (CCPA), making California the first U.S. Last August, my colleague Ashvin Kamaraju wrote a blog shortly after this took place. The CCPA, which will come into effect on Jan. The CCPA, which will come into effect on Jan. What is considered Personal Information under the CCPA.

Digital transformation

Digital transformation Data collection Data privacy CISO

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Risk and Regulation: A Strategic Guide to Compliance Risk Assessment

Centraleyes

MARCH 3, 2024

Compliance Risk Assessments For a Dynamic Regulatory Terrain Crafting an effective compliance program is no one-size-fits-all endeavor; it involves tailoring a comprehensive strategy that addresses your company’s unique needs and confronts specific challenges head-on.

Risk

Risk Technology Accountability Marketing

One in Five Public-Facing Cloud Storage Buckets Expose Sensitive Data

eSecurity Planet

NOVEMBER 17, 2022

Companies need to know what publicly exposed sensitive data is in their environment, Laminar said. “As long as S3 buckets can be configured for public access, there will [be] data exposures through S3 buckets,” UpGuard chief marketing officer Kaushik Sen wrote in a blog post earlier this year.

Data privacy

Data privacy Risk Marketing Passwords

GUEST ESSAY: A primer on the degrees of privacy tech companies assign to your digital footprints

The Last Watchdog

OCTOBER 13, 2021

Fundamentally this comes down to the underlying user identity, what data it contains, who generates that data, and where it resides. Check out the examples below from Forrester’s blog. The user most likely is not aware of what type of behavioral information is being collected on them or how it is actively being used.

eCommerce

eCommerce Data collection Consumer Protection Advertising

HITRUST vs. HIPAA: Ensuring Data Security and Compliance

Centraleyes

NOVEMBER 5, 2023

In this article, we’ll explore what sets them apart while addressing two common questions: “What’s the difference between HIPAA and HITRUST, and if I adhere to one, does it imply compliance with the other? Instead, compliance is demonstrated through risk assessments and control documentation.

Healthcare

Healthcare Risk Insurance Penetration Testing

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Thales Cloud Protection & Licensing

JANUARY 14, 2020

So what’s in store for data privacy and the rollout of of 5G technology? To appreciate the impact the GDPR has had, one only needs to look at the fines imposed by the various National Data Protection authorities last year, which have totaled approximately €500 million. Consumer Rights and Privacy Fines.

Data privacy

Data privacy IoT Data breaches Surveillance

Ways to Develop a Cybersecurity Training Program for Employees

Security Affairs

APRIL 15, 2022

Employees who fall for the phishing email are the ones you need to be extra careful about. However, employees who fell for the spear-phishing campaign are the ones you need to observe and invest your security training into. However, little to no effort is made toward strengthening defenses. Customize Your Security Training.

Cybersecurity

Cybersecurity Data privacy Data breaches Phishing

What’s in the NIST Privacy Framework 1.1?

Centraleyes

MARCH 14, 2024

Dylan Gilbert, a privacy policy advisor with the Privacy Engineering Program at NIST, emphasized the framework’s dynamic nature, stating, “The Privacy Framework is a ‘living’ tool meant to evolve to meet stakeholder needs, and the time has come to update to Version 1.1.” NIST seeks to bring the framework up to speed.

Government

Government Risk Artificial Intelligence Cybersecurity

The Biggest Blocker to Open Banking Success? Slow, Risky Data

Security Boulevard

JUNE 16, 2021

So far, it's been up to the market to decide what to do, but there are strong signs that will change soon. . A Pulse QA study commissioned by Delphix found less than 5% of European banks are fully prepared for SCA and compliance with previous PSD2 mandates. We've just got to get quicker, better, faster.” . For example, while U.S.

Banking

Banking Marketing Financial Services Retail

FedRAMP Rev 5: A Guide to Navigating the Latest Changes

Centraleyes

JANUARY 8, 2024

This approach assesses the effectiveness of each control in preventing, detecting, and responding to potential threats outlined in the MITRE ATT&CK Framework What’s New in FedRAMP Revision 5? The Federal Risk and Authorization Management Program (FedRAMP) is a cornerstone of cloud security, deeply rooted in the NIST 800-53 rev.

Passwords

Passwords Social Engineering Risk Backups

Schrems II – A few Things to Keep in Mind!

McAfee

JANUARY 28, 2021

A couple of days ago, I have been asked whether, notably thanks to the GDPR [1] and the CCPA [2] , we were seeing as professionals, a standardization in negotiations governing privacy terms. So, what’s next for us? Alas, we have possibly never been so much away of such harmonization. The SCCs are still valid, but not sufficient per se.

Encryption

Encryption Surveillance Government Technology

Choosing the Right Video Conferencing Service for you and your Enterprise

McAfee

APRIL 3, 2020

many times in the last few days as we need to communicate with our colleagues, business partners and customers when working remotely. I won’t discuss functionality in this blog – there are many places to find those comparisons, instead I will focus on the information you should review from a security and privacy point of view.

Encryption

Encryption Penetration Testing Authentication Firewall

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

You need to balance giving employees and customers easy access to data against keeping that information safe. Regulatory compliance. Evolving privacy regulations like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) mean ongoing headaches for cybersecurity, compliance and risk management teams.

Encryption

Encryption Data privacy Cloud Migration Risk

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

The Last Watchdog

MAY 20, 2022

Co-managed security services best suit those companies that capitalize a variety of security systems but lack the internal security personnel needed to monitor these solutions 24 hours a day, seven days per week. Another significant advantage is compliance support. Opting for an MSS helps you with all these aspects.

Marketing

Marketing Digital transformation Technology Cybersecurity

Data Privacy Day: Looking Back on the Privacy Events of 2020

Thales Cloud Protection & Licensing

JANUARY 27, 2021

CCPA Takes Effect…and Is Expanded Through CPRA. On January 1, 2020, the California Consumer Privacy Act (CCPA) of 2018 took full effect. Like GDPR, the CCPA has inspired other jurisdictions—Hawaii, Massachusetts, New Jersey, Pennsylvania, Puerto Rico, Rhode Island and Washington—to propose privacy bills. Are You Ready ?,”

Data privacy

Data privacy Encryption Data breaches Software

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

Thales Cloud Protection & Licensing

NOVEMBER 14, 2019

Businesses need to realize that there is an unavoidable move towards a global digital landscape where data and privacy protection laws and regulations will restrict the ways in which personal data can be used. Many of the new legal frameworks and regulations bring unknown future risks. Importance of data protection and privacy laws.

Technology

Technology Risk Telecommunications Internet

The Key Components and Functions in a Zero Trust Architecture

Thales Cloud Protection & Licensing

DECEMBER 17, 2020

In one of my previous blog posts, Zero Trust 2.0: These security approaches need to be supported through foundational components and functions, and should be based on key overarching principles to ensure the implemented architecture effectively meets new requirements. The Key Components and Functions in a Zero Trust Architecture.

Architecture

Architecture Authentication Accountability Engineering

Top 10 Cloud Privacy Recommendations for Businesses

McAfee

FEBRUARY 3, 2020

Laws such as CCPA and GDPR, not to mention vertical market regulations, make it clear how important this issue is to regulators, who take into account the security tools in use and their settings during investigations. So IT needs visibility into all cloud services, even those set up by individual users or small groups.

Technology

Technology Marketing Passwords Data collection

How better key management can close cloud security gaps troubling US government

Thales Cloud Protection & Licensing

FEBRUARY 28, 2024

How better key management can close cloud security gaps troubling US government madhav Thu, 02/29/2024 - 05:38 In my first blog on this topic I noted a Treasury Department report released last year listed six cloud security challenges financial sector firms face. The first step is to know what sensitive data you have and where it is.

Government

Government Encryption Marketing Big data

How better key management can close cloud security gaps troubling US government

Security Boulevard

FEBRUARY 28, 2024

How better key management can close cloud security gaps troubling US government madhav Thu, 02/29/2024 - 05:38 In my first blog on this topic I noted a Treasury Department report released last year listed six cloud security challenges financial sector firms face. The first step is to know what sensitive data you have and where it is.

Government

Government Encryption Marketing Big data

GDPR One Year Anniversary: What We’ve Learned So Far

Thales Cloud Protection & Licensing

JUNE 4, 2019

Do companies know exactly what is required of them to achieve compliance? On May 22, the European Commission published an infographic on compliance with and enforcement of the GDPR from May 2018 to May 2019. Are European citizens aware of their new rights? How has GDPR affected other global data protection regulations?

Data privacy

Data privacy Artificial Intelligence Data breaches Technology

Is California’s new privacy law just an Act? (CPRA)

BH Consulting

DECEMBER 9, 2020

When the California Consumer Privacy Act (CCPA) became effective on 1 January 2020, California became the first U.S. According to the State’s attorney general , CCPA “gives consumers more control over the personal information that businesses collect about them”. In this way, CPRA does not replace or repeal CCPA, but rather augments it.

Healthcare

Healthcare Government Insurance Risk

Cyber Security Informer

What is the CCPA and What’s Needed for Compliance?

From Google Cloud Blog: “Improving security, compliance, and governance with cloud-based DLP data…

Webinars

Trending Sources

How to prepare for the California Consumer Privacy Act

Webinars

Risk and Regulation: A Strategic Guide to Compliance Risk Assessment

One in Five Public-Facing Cloud Storage Buckets Expose Sensitive Data

GUEST ESSAY: A primer on the degrees of privacy tech companies assign to your digital footprints

HITRUST vs. HIPAA: Ensuring Data Security and Compliance

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Ways to Develop a Cybersecurity Training Program for Employees

What’s in the NIST Privacy Framework 1.1?

The Biggest Blocker to Open Banking Success? Slow, Risky Data

FedRAMP Rev 5: A Guide to Navigating the Latest Changes

Schrems II – A few Things to Keep in Mind!

Choosing the Right Video Conferencing Service for you and your Enterprise

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

GUEST ESSAY: Here’s why managed security services — MSS and MSSP — are catching on

Data Privacy Day: Looking Back on the Privacy Events of 2020

Post-GDPR Developments on Data Protection and Privacy Regulations Around the World

The Key Components and Functions in a Zero Trust Architecture

Top 10 Cloud Privacy Recommendations for Businesses

How better key management can close cloud security gaps troubling US government

How better key management can close cloud security gaps troubling US government

GDPR One Year Anniversary: What We’ve Learned So Far

Is California’s new privacy law just an Act? (CPRA)

Stay Connected