To be effective, cybersecurity policies and procedures must do more than merely help an organization achieve check-the-box compliance with regulatory requirements or security frameworks.
Last week, Didier Reynders, European Commissioner for Justice, and Dr. Andrea Jelinek, Chair of the European Data Protection Board (EDPB), appeared at a hearing conducted by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs, and updated committee members on their work since the Schrems II decision.
In his remarks, Mr. Reynders identified three main areas on which the Commission is focusing.
2018 brought a lot of change to small business. In the wake of many new cybersecurity threats and breaches, the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act was passed into law in August 2018, and it requires NIST to provide cybersecurity resources to small and medium-sized businesses (SMBs) to help protect them against future problems.
The growing threat of cyberattacks is a huge cause for concern. According to some of the country’s foremost intelligence experts, the U.S. may encounter a massive cyberattack on the horizon. An attack of this scale is predicted to cause damage comparable to a Category 5 hurricane, where everything from vehicles to pacemakers could be compromised. The country needs to be ready – and not just the public sector. Private businesses, regardless of size, will be taking an extreme risk if the necessary precautions are not put into place.
Only 29% of healthcare organizations report having a comprehensive security program in place.
December 1, 2018
Six months after the EU’s General Data Protection Regulation (GDPR) went into effect, enterprises are finding that privacy regulation is costing more than anticipated.
The Federal Energy Regulatory Commission (FERC) released a final rule last week approving three new Critical Infrastructure Protection (CIP) standards addressing supply chain risk management for bulk electric systems.
Even at their most basic, information security programs are complex and include a seemingly endless combination of controls to detect, prevent and respond to data loss.
In today’s world, global organizations face immense pressure to ensure their business is constantly evolving to meet the changing nature of the world. Business growth is driven by dynamic interactions – employees are increasingly mobile, on the road and working remotely to support their objectives.