While most companies attempt to secure their data, many continue to fail their IT audits. When trying to determine whether your risk management program effectively mitigates risks, you need to find metrics that support your ability to comply with internal policies as well as external industry standards and regulatory requirements.

Highly regulated financial institutions often struggle with compliance management. As a financial institution matures its cybersecurity compliance program, the document management requirements often mean they need to find automated solutions that can create a single source of truth to ease audit stress.

As organizations seek to evolve their risk management strategies to drive stronger compliance programs, they increasingly seek to automate their compliance documentation. In cybersecurity, however, traditional data collection methods fail since cybercriminals continuously evolve their threat methodologies.

Effective information security management requires understanding the primary concepts and principles including protection mechanisms, change control/management, and data classification. However, those terms may feel overwhelming at first leading many businesses to follow compliance requirements blindly without fully understanding whether they effectively secure their systems, networks, and software.

Higher education finds itself facing a threat to its financial security even larger than student retention – data breaches. As colleges and universities begin to adopt mobile technologies, they also find themselves increasingly targeted by malicious actors. Understanding the recent security breaches impacting the industry can educate institutions about information security.

Most educators know about the federal student data privacy laws such as the Family Educational Rights and Privacy Act (FERPA) administered by the US Department of Education. However, modern schools increasingly adopt new technologies such as cloud service providers for managing everything from homework assignments in Google Drive to education data in records management data systems.

Heralded as the US version of the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) may be the catalyst for an all-new approach to privacy for companies. However, merely assuming that the CCPA is a GDPR-for-US can leave you stranded and, possibly, non-compliant.

Another year, another privacy law on the horizon. In 2018, the big push for compliance with the European Union General Data Protection Regulation (GDPR). In 2019, companies are reeling from the new law governing data protection passed by ballot initiative. The California Consumer Privacy Act (CCPA) intends to place on companies who collect California residents’ personal information. But the question remains, in the morass of regulatory writing, “What is the CCPA?