Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The complex nature of the U.S. CLOUD Act (CLOUD Act) presents far-reaching implications for global data governance. In this article, we explore how this pivotal legislation is reshaping compliance requirements, transforming privacy frameworks and challenging traditional concepts of data sovereignty, as well as strategies and technologies to ensure compliance.

Encryption has become a vital data protection tool used by global governments, defense and enterprises. However, not all solutions use the same cipher techniques. Several encryption algorithms can be used to secure data with varying levels of security. To establish acceptable standards for encryption technologies utilized by the U.S. Government, the National Institute of Standards and Technology (NIST) published the Federal Information Processing Standards (FIPS) FIPS-140.

Protecting military secrets is critical to national security. It’s not just about securing information; it’s about ensuring our safety and maintaining a strategic advantage. Sweeping legislation, technology, and security protocols are in place to prevent classified information leaks within Defense, which extend down to Defense contractors. However, despite technological advances, humans remain the weakest link when it comes to protecting national secrets.

Personal information also referred to as personally identifiable information (PII) and Protected Personal Information (PPI), has a good and bad side for companies. All businesses record the personal information of their clients (names, debit/credit cards, address, etc.) to identify them and execute certain business operations. These business operations may range from meeting payrolls, to filling orders, and advertising. This makes the user and business operations run much faster and smoother.

Sensitive data is information that must be protected against unauthorized disclosure. It can be in physical or electronic form and includes PII (Personally identifiable information), PHI (Protected health information), and more. There are three main types of sensitive data that hackers and malicious insiders tend to exploit: personal, business, and classified information.

DoD, GSA, and NASA recently published a proposed amendment to the Federal Acquisition Regulation (FAR): Controlled Unclassified Information (FAR Case 2017-016) or ‘FAR CUI Rule’. It presents critical updates on managing Controlled Unclassified Information (CUI) in federal contracts, aiming to create a uniform approach across government agencies for handling and protecting sensitive information while addressing gaps in current policies.

The newly passed Australian Cyber Security Act is part of the reform laid out in the 2023–2030 Australian Cyber Security Strategy. The legislation aims to fill gaps in Australia’s overall cyber resilience and support the government’s ambition to become the most secure country globally.

Beware! Remote work and the variety of collaboration tools are making it easier than ever to access and share data, leaving sensitive information at risk from data vampires. Today, we share an old dark tale for you, but just as in Grimm’s fairy tales, the lessons are still frightfully relevant.

This week, the FBI announced it is investigating a classified data leak of U.S. intel on Israel’s plans to retaliate against Iran. The top-secret documents were exposed on the Telegram messaging app, and it’s unclear if it was a leak or hack. The investigation will center on the Defense Department’s National Geospatial-Intelligence Agency, which manages the country’s network of spy satellites and anyone with access to the classified document.

Coauthored with Eva Galfi, CEO & Principal Consultant, International Trade Advisors Pty Ltd The Department of Commerce’s Bureau of Industry and Security (BIS) implements and enforces the Export Administration Regulations (EAR) to regulate the export, reexport and transfer (in-country) commercial and less sensitive military items. If you need to comply with or learn more about US export control requirements, read our 6 W’s EAR Compliance to help you comply with these strict U.S.