Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Legislation

What is the PGPA Act 2013? Accountability in the Public Sector

The Public Governance, Performance and Accountability Act 2013 is a key piece of legislation that establishes a framework of governance, performance, and accountability for Australian government and Commonwealth organizations. The PGPA Act’s main goal is to ensure that all government bodies practice effective management of public resources and are transparent in their activities.

GDPR Compliance: The Critical Role of Data Protection Officers

The General Data Protection Regulation (GDPR) is a comprehensive data protection law covering the European Union (EU) and is widely regarded as one of the world’s strictest privacy regulations. The GDPR unifies data regulation within the EU and provides individuals control over their personal data. The GDPR includes information about Data Protection Officers (DPOs).

Preventing Cybercrime: Australia's Assistance and Access Act

As organizations and businesses undergo digital transformations, so do criminals and other nefarious actors. In today’s modern era, criminal activity frequently occurs online through digital communication channels, providing avenues for phishing, data loss, and security breaches.

Data Subject Access Request (DSAR): The Meaning, Procedures, and Challenges

Privacy is the individual’s right to control the use of their personal data, and DSAR is the mechanism by which individuals can enforce this right. This right to their own information, as used by an organization, is guaranteed by privacy laws like Europe’s General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA). If your organization collects and uses personal data, especially for European or Californian customers, you should be prepared to respond to DSARs.

Attesting to secure software development practices

It’s been almost three years since President Biden issued Executive Order 14028, and while we’ve heard vendors talk about “compliance with EO 14028” for about that long, the reality is that industry hasn’t had anything to comply with—until now. On March 11, CISA published the Secure Software Development Attestation Form as part of its obligations under OMB memo M-22-18 and the successor OMB memo M-23-16.

The European Union's Unified Approach to Cybersecurity: The Cyber Solidarity Act

The construction of a more cyber resilient European Union (EU) took a remarkable step forward this past week as negotiators from the European Parliament and the European Council reached a provisional agreement on the proposed Cyber Solidarity Act. Proposed last year, the Cyber Solidarity Act is composed of three key pillars that seek to crack the daunting challenge of detecting, preparing for, and responding to cybersecurity threats and incidents that shake up the security sphere.

Making Sense of the SEC's New Rules for Cybersecurity Risk and Disclosure (Part II)

Earlier this week, we debuted our mini-series on the SEC’s new cybersecurity rules. In case you missed it — and, understandably, don’t have the bandwidth to backtrack — Part I explored how the (seemingly perpetual) explosion in data creation, data value, and IT complexity since the dawn of the digital age has come to shape our society. In particular, we note why these trends are responsible for our current IT predicament, namely, the rise in threats, risks, and regulations.

Navigating the EU compliance landscape: How Detectify helps support customers in their NIS2 Directive, CER, and DORA compliance challenges

Navigating the complex and ever-changing compliance landscape is difficult for many companies and organizations. With many regulations, selecting the appropriate security tooling that aligns with the compliance needs of your business becomes a significant challenge.