As many countries in APAC are coming out with their own privacy laws, the region is fast becoming the epicenter of data protection developments around the globe, said Raymund Liboro, former commissioner and chairman of the National Privacy Commission, Philippines.
Many small and medium-sized businesses are facing "generational trauma" in trying to comply with a variety of regulatory and other compliance issues as these requirements are being demanded by their larger business partners, insurers and others, says Tarah M. Wheeler, CEO of Red Queen Dynamics Inc.
With new legal, contractual and cybersecurity requirements, the regulatory landscape is constantly changing on both local and national fronts. As a result, compliance can become increasingly difficult, leaving organizations with a certain amount of risk, said James Shreve, partner, Thompson Coburn.
Federal agents arrested the alleged administrator of the criminal underground forum BreachForums, tracing him to a small town in New York's Hudson Valley. FBI agents say Conor Brian Fitzpatrick, a resident of Peekskill, confessed to being "Pompompurin."
Federal officials recently froze the assets of Ethereum blockchain cryptocurrency mixer Tornado Cash, stating that civil and potentially criminal penalties await those who use the service. On this week's "Sound Off," crypto expert Ari Redbord explains why the sanctions are "exceptional."
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.
Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, joins three ISMG editors to discuss important cybersecurity and privacy issues, including how U.S. enterprises are harmonizing three disparate privacy laws, and ransomware preparedness.
If you're not "on board" with the Functional Safety Standard EN 50128:2011 - “Railway
applications - Communication, signaling and processing systems - Software for
railway control and protection systems" - you'll need to run to catch up.
Currently the systems included under EN 50128 include
The Center for Internet Security (CIS) emphasizes continuous vulnerability management in its top 10 security controls. Given the complexity of the current digital landscape, many organizations face greater cyber-risk today. Adding to this woe is the rate at which vulnerabilities are burgeoning. The coverage of attack...
Election security improvements, the push for all software to ship with a "bill of materials" and the results of a long-running investigation into a lucrative digital advertising scam are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
Security has become everyone’s job, and its management has become a strategic concern of the enterprise. The way forward is for the enterprise to build a culture of security. AWS Enterprise Strategist Mark Schwartz describes approaches he's used to establish awareness of risks and controls along with a set of norms...
During the pandemic, two unusual and apparently unrelated trends have emerged - the rapid growth of the MSS (Managed Security Services) market and an increased demand for complex compliance management.
Read the latest CyberTheory Market report, Convergence of Compliance and MSSP/MDR results in a New Service...