This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
While providing access for third-party, non-employees is critical to meeting business objectives, it oftentimes has the unintended consequence of exponentially increasing an organization’s attack surface. With the proper identity-proofing practices and capabilities in place, organizations can verify the identities of their users, support risk management initiatives and better protect critical assets – eliminating the third-party risk management blind spots.
The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to put in place to use Standard Contractual Clauses and Binding Corporate Rules.
In the wake of the Court of Justice of the European Union’s Schrems II judgment, on July 23, 2020, the European Data Protection Board (EDPB) adopted a Frequently Asked Questions document to “provide initial clarification and give preliminary guidance to stakeholders on the use of legal instruments for the transfer of personal data to third countries, including the U.S.” The EDPB stated that the document will be updated, and further guidance provided, as it continues to examine and consider the judgment. The six-page FAQs provides the following guidance.
Outsourcing has become a vital part of most business strategies. Not only is it a way to save money, but it’s a simple way to take advantage of expertise you might not currently have in house. But outsourcing can also leave companies vulnerable if the third-party doesn’t have proper cybersecurity procedures.
Rutter's, a chain of convenience stores and gas stations with 72 locations in Central Pennsylvania, West Virginia, and Maryland, has provided a notice to its customers of a data breach incident.
On October 10, 2019, the California Attorney General's office published its long-awaited proposed California Consumer Privacy Act (CCPA) regulations. What are they, and what should enterprises do to achieve compliance and avoid costly fines?
On October 10, 2019, the California Attorney General’s (AG) office published its long-awaited proposed California Consumer Privacy Act (CCPA) regulations. The AG’s office also announced that it will hold public hearings on the regulations on December 2-5.
News industry websites are at a higher risk of user-data breach or data misuse compared to other industries, the 2019 Feroot User Security and Privacy report found.
When undertaking a cloud migration, it’s critical to remember that the security protocols that work in the enterprise will not necessarily work in the cloud.
No matter the size, airports are responsible for the security of all workers who are employed within their walls, on the tarmac, and grounds. The challenge is that 90 percent of those people don’t work for the airport. They work for the airlines, TSA or different vendors that reside as tenants within the airport.
The “gig economy” is about to consumerize the workplace to new levels, bringing changes that will significantly impact how CSOs and CISOs protect their businesses.