The Monetary Authority of Singapore (MAS) is Singapore's central bank and financial regulatory authority. Along with regulating monetary policies, banking, and currency issuance, MAS sets standards for financial institutions' operational practices. MAS’ third-party risk management guidelines provide structure for financial institutions to ensure resilience against third-party outsourcing arrangements risks, including supply chain vulnerabilities and information security.

Man Bites Dog: In an unusual twist in cybercrime, the ransomware group BlackCat/ALPHV is manipulating the SEC's new 4-day rule on cyber incident reporting to increase pressure on their victims. This latest maneuver highlights a sophisticated understanding of regulatory impacts in ransomware strategies.

Data privacy has never been more critical for business success as it is today, and organizations worldwide are grappling with the stringent requirements of the General Data Protection Regulation (GDPR). One crucial aspect of GDPR compliance is maintaining a Record of Processing Activities (RoPA), which serves as a testament to an organization’s commitment to data protection. But what exactly is a RoPA, and how can organizations create and manage one effectively?

President Joe Biden, on October 30, signed the first-ever Executive Order designed to regulate and formulate the safe, secure, and trustworthy development and use of artificial intelligence within the United States. Overall, Trustwave’s leadership commended the Executive Order, but raised several questions concerning the government’s ability to enforce the ruling and the impact it may have on AI’s development in the coming years.

On October 30, U.S. President Joseph Biden issued a sweeping Executive Order (“EO”) focused on making AI safer and more accountable.

Imagine a world where you confidently navigate the complexities of General Data Protection Regulation (GDPR) compliance, streamline data processes, and safeguard sensitive information. Sounds enticing, right? The key lies in unlocking the secrets of GDPR data mapping. Let’s explore the ins and outs of this powerful process and learn how to harness its full potential for your organization.

US data transfers... are they allowed? Well. Yes. It depends....it’s complicated. Let’s get stuck in and I’ll explain all. In July this year, the EU Commission made an adequacy decision for the new EU-US Data Privacy Framework (DPF). This can be seen as Safe Harbor 3.0. Essentially, in most scenarios, data transfers from the EU to the US are now permitted without the need for other mechanisms such as Standard Contractual Clauses (SCCs).

Cybersecurity is a top risk for corporate directors to understand and navigate. The implications of cyber events for a company are many and growing: instantly damaged reputations that erode years of credibility and trust with customers and investors, impaired profitability from customer attrition and increased operating costs, lost intellectual property, fines and litigation, and harm to a company’s people and culture.

Quebec’s Law 25, also known as Bill 64, is a comprehensive data privacy law that introduces stringent requirements for organizations handling personal information. Non-compliance can have, and likely will have severe consequences for businesses, resulting in costly fines and reputation loss, which impact businesses greatly. Protegrity’s pseudonymization solutions can help organizations simplify Law 25 compliance and avoid fines.

Let’s explore the critical differences between SOC and SOX compliance. In the realm of information security and financial reporting, compliance enables organizations to build trust and transparency with stakeholders. To accomplish this, companies must adhere to specific regulations and standards. SOC and SOX represent two pivotal compliance frameworks that help maintain financial reporting integrity and data security.