Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Legislation

GDPR Compliance Guide: A 9-Step Checklist

With many nuances to consider, adhering to the General Data Protection Regulation (GDPR) requirements can be a daunting task. After all, the entirety of the GDPR consists of a whopping 99 Articles. Fortunately, by following a GDPR security checklist, you can help your organization ensure that all required facets of data security are covered without sifting through pages and pages of legalese.

New SEC Rules Add Challenges in Uncertain Cyber Insurance Market

Jeremy King is a partner at Olshan Frome Wolosky. He wrote an article for Bloomberg where he analyzed cyber risk management issues that companies should prioritize in response to new SEC reporting requirements for cybersecurity incidents and threats. Here is a quick summary and I suggest you send the link to your InfoSec budget holder so that they can assess the importance. Ransomware is a big deal these days.

General Data Protection Regulation (GDPR) - The Story So Far

Do you remember where you were on 25th May 2018? Perhaps you were enjoying a Friday night drink with friends. Perhaps you were with family, relaxing after a busy week at work. I was actually having a GDPR Birthday party with friends and colleagues because 25th May 2018 was a landmark day for the world of Data Protection (yes, seriously, we had a party!). But the funny thing about the effective date of the then-new General Data Protection Regulation (GDPR) was that many saw it as a date to dread.

International Data Privacy Laws: A Guide

The push for data privacy has exploded in recent years, with regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) leading the charge. This means consumers around the globe are gaining rights regarding how their data is collected, stored, processed and sold, as well as more ways to hold companies accountable when poor data security practices lead to data breaches involving personally identifiable information (PII).

Exploring the ePrivacy Directive

There are a variety of cybersecurity regulations in Europe, including the ePrivacy Directive, which focuses on enhancing data protection, processing personal data, and privacy in the digital age. This Directive, recently updated with the ePrivacy regulation, continues the European Union’s ongoing efforts to create cohesive and comprehensive European data protection and cybersecurity standards across all member states.

GDPR Compliance for US Companies

Numerous U.S.-based companies that operate online have customers from the European Union (EU) or other parts of the European Economic Area (EEA). If your business engages with these customers, it is subject to the EU’s General Data Protection Regulation (GDPR). This extensive data privacy regulation has an impact on many U.S. entities due to its extraterritorial reach.

The SEC's New Cybersecurity Regulations Part II: What Shareholders Should Know

It seems everyone is concerned about cybersecurity these days, and the investor community is no different. Shareholders are reading the headlines—ransomware attacks, data breaches, infrastructure disruptions—and they are wondering how these incidents could impact the companies that they invest in. Shareholders are about to get a lot more information from companies in the months ahead. In July 2023, the U.S.