New consumer privacy laws and innovative fraudsters have given security professionals much to do in a supercharged digital economy. As our digital footprints widen, bad actors are finding increasingly sophisticated ways to access troves of personal information and sensitive data.
Earlier this month, the European Commission announced that it has adopted “two sets of standard contractual clauses, one for use between controllers and processors and one for the transfer of personal data to third countries.” The new SCCs take into account new requirements under the General Data Protection Regulation as well as the Court of Justice’s Schrems II opinion.
Galvanize announced new findings from a national survey of governance, risk, and compliance (GRC) professionals that position the 2020s as the decade when the GRC industry embraces advanced technology. The data uncovered a strong post-pandemic push toward the adoption of cloud-based technology and revealed the critical value GRC professionals bring to the C-suite, as well as the top concerns from, and the evolving role of, GRC professionals.
Nuspire, managed security services provider (MSSP), announced the appointment of industry veteran, J.R. Cunningham, as Chief Security Officer. In this role, Cunningham will oversee Nuspire’s security strategy, oversight of policies and compliance, and the new Nuspire Security Program, which is a step-by-step program designed to help Nuspire’s customers build customizable security programs. Cunningham joins Nuspire with over 25 years of experience, building and maintaining security programs, security strategy consulting, cyber practitioner leadership and creating successful long-term client relationships through strategic consulting. I
COVID-19 brought with it a massive influx of data, most of it moving from a centralized location to the cloud (and other environments). Now, these businesses are trying to understand how to re-engineer their environment for the next 10+ years, in the advent of Zero Trust, SASE and more. How has COVID-19 impacted the need for cybersecurity consulting, specifically new trends, and Zero Trust? Here, we speak with Todd Waskelis, AVP of AT&T Cybersecurity, who leads AT&T’s cybersecurity consulting services.
As we continue to embrace hybrid work, chief information security officers (CISOs) and compliance teams are wading through and in some cases even overlooking many different areas related to collaboration security. We’ve highlighted the top three areas of risk in this post which should keep CISOs awake at night. The remote workplace continues to evolve at lightning speed, and so too should CISOs – or risk sensitive materials ending up in the wrong hands.
Data breach and privacy incidents occur daily at organizations of all sizes. It happens all too frequently. And while it is obvious that breaches continue impacting hundreds of thousands of lives, legal and compliance teams are not always brought in to manage each breach. With increased focus from regulators and law enforcement agencies to ensure organizations fulfill their obligations for post-breach notifications, legal teams can help quickly coordinate internal processes, and take swift action to begin the process of remediating damage and initiate immediate legal steps to protect the enterprise, and comply fully with all regulatory obligations. Here, we talk to AJ Samuel, co-Founder and Chief Product Officer at Exterro, about the many benefits of retaining legal counsel, who can better protect the integrity and confidentiality of the incident response.
Kroll has announced that the firm has promoted 18 colleagues to the managing director level in the United States, with a total of 31 practitioners promoted globally.
It’s simple: If you are using a legacy ecosystem, your compliance is at risk. The fact that your security hasn’t yet been compromised is no evidence of your safety; it really is a case of it being quiet, too quiet. When it comes to security breaches, it’s not a question of if, but when. Whether your household or institutional architecture, the full value of security is only appreciated after disaster has already struck.
