Third-party security - Articles - Page 8

EDPB issues guidance for cross-border data transfers in wake of Schrems II judgment

The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to put in place to use Standard Contractual Clauses and Binding Corporate Rules.

David M. Stauss

July 28, 2020

In the wake of the Court of Justice of the European Union’s Schrems II judgment, on July 23, 2020, the European Data Protection Board (EDPB) adopted a Frequently Asked Questions document to “provide initial clarification and give preliminary guidance to stakeholders on the use of legal instruments for the transfer of personal data to third countries, including the U.S.” The EDPB stated that the document will be updated, and further guidance provided, as it continues to examine and consider the judgment. The six-page FAQs provides the following guidance.

5 Tips for Minimizing Third-Party Risk

Grant McCracken

June 18, 2020

Outsourcing has become a vital part of most business strategies. Not only is it a way to save money, but it’s a simple way to take advantage of expertise you might not currently have in house. But outsourcing can also leave companies vulnerable if the third-party doesn’t have proper cybersecurity procedures.

Rutter's Suffers POS Malware Attack Exposing Payment Cards

February 17, 2020

Rutter's, a chain of convenience stores and gas stations with 72 locations in Central Pennsylvania, West Virginia, and Maryland, has provided a notice to its customers of a data breach incident.

CCPA Update: Analyzing the AG's Proposed Regulations

On October 10, 2019, the California Attorney General's office published its long-awaited proposed California Consumer Privacy Act (CCPA) regulations. What are they, and what should enterprises do to achieve compliance and avoid costly fines?

December 9, 2019

On October 10, 2019, the California Attorney General’s (AG) office published its long-awaited proposed California Consumer Privacy Act (CCPA) regulations. The AG’s office also announced that it will hold public hearings on the regulations on December 2-5.

DoorDash Reports Data Breach Impacting 5 Million Customers

September 27, 2019

DoorDash has announced it has suffered a massive data breach, involving the personal information of 4.9 million customers.

Outsourcing Data: Don't Take a Fairytale Approach

News Industry At Risk of Data Breaches, Data Misuse

June 27, 2019

News industry websites are at a higher risk of user-data breach or data misuse compared to other industries, the 2019 Feroot User Security and Privacy report found.

Who's Responsible for Cloud Security?

Cloud security is a shared responsibility. Consider these three key questions before outsourcing.

Steven Chabinsky

December 1, 2018

If your company relies upon third-party cloud providers to support or deliver core services, or to protect sensitive data, it’s crucial to understand that cloud security is a shared responsibility.

Mastering the Fundamentals of Cloud Security

Brad Bussie

August 2, 2018

When undertaking a cloud migration, it’s critical to remember that the security protocols that work in the enterprise will not necessarily work in the cloud.

How to Overcome Airport Identity Management Challenges

Kim Rahfaldt

May 8, 2018

No matter the size, airports are responsible for the security of all workers who are employed within their walls, on the tarmac, and grounds. The challenge is that 90 percent of those people don’t work for the airport. They work for the airlines, TSA or different vendors that reside as tenants within the airport.

Rethinking Identity Management in the Gig Economy

Sven Dummer

April 10, 2018

The “gig economy” is about to consumerize the workplace to new levels, bringing changes that will significantly impact how CSOs and CISOs protect their businesses.