Tag: regulation
-
21% of CISOs pressured to not report compliance issues
in SecurityNews
Tags: awareness, breach, business, ceo, ciso, compliance, control, corporate, cybersecurity, data, dora, finance, framework, governance, incident response, infrastructure, insurance, law, nis-2, regulation, resilience, risk, security-incident, training
CISOs are increasingly getting caught between business pressures and regulatory obligations, leaving them struggling to balance corporate loyalty and legal accountability. To wit: One in five (21%) security leaders have been pressured by other executives or board members not to report compliance issues at their companies, according to a recent study by security vendor Splunk. The same…
-
Cybersecurity, government experts are aghast at security failures in DOGE takeover
in SecurityNews
Elon Musk’s takeover of key systems across the federal government is ignoring decades of laws, regulations and procedures, experts told CyberScoop.
First seen on cyberscoop.com. Jump to article: cyberscoop.com/musk-doge-opm-treasury-breach/
-
DEF CON 32 Navigating the Turbulent Skies of Aviation Cyber Regulation
in SecurityNews
Authors/Presenters: M. Weigand, S. Wagner. Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel.
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2025/02/def-con-32-navigating-the-turbulent-skies-of-aviation-cyber-regulation/
-
5 ways boards can improve their cybersecurity governance
in SecurityNews
Tags: attack, breach, business, ciso, cloud, cyber, cybersecurity, data, election, endpoint, finance, gartner, governance, government, group, identity, incident, india, infrastructure, jobs, middle-east, network, ransomware, regulation, risk, skills, technology, threat, training
As chairman of the board for Cinturion Group, Richard Marshall is intimately involved in ensuring the security of the fiber optic network his company is constructing from India through the Middle East and on to Europe. The monumental Trans Europe Asia System (TEAS) will be difficult enough to build given it will be buried beneath thousands…
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
in SecurityNews
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-management
The US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records. The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments. The revamped rules…
-
Privacy Roundup: Week 4 of Year 2025
in SecurityNews
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windows
This is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Cyber Insights 2025: Cybersecurity Regulatory Mayhem
in SecurityNews
Cybersecurity regulations are facing a tipping point. There are too many and they are too complex to manage and it’s getting worse. The post Cyber Insights 2025: Cybersecurity Regulatory Mayhem appeared first on SecurityWeek.
First seen on securityweek.com. Jump to article: www.securityweek.com/cyber-insights-2025-cybersecurity-regulatory-mayhem/
-
Data Privacy Day 2025: A Chance to Take Control of Your Data
in SecurityNews
Tags: access, ai, awareness, business, cloud, compliance, control, country, data, encryption, governance, law, password, privacy, regulation, service, software, strategy, technology, tool
madhav, Mon, 01/27/2025 – 09:19
Trust is the cornerstone of every successful relationship between businesses and their customers. On this Data Privacy Day, we reflect on the pivotal role trust plays in the digital age. It’s earned not just through excellent products or…
-
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
in SecurityNews
Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we’ll equip…
-
Box-Checking or Behavior-Changing? Training That Matters
in SecurityNews
Exploring New Ways to Deliver and Measure Cybersecurity Awareness Programs. Regulations like GDPR, HIPAA and CMMC have made security awareness training a staple of corporate security programs. But compliance is only part of the story. Organizations face an even deeper challenge: influencing employee behavior in ways that create a truly secure workplace. First seen on…
-
Security chiefs whose companies operate in the EU should be exploring DORA now
in SecurityNews
Tags: attack, business, ciso, compliance, conference, corporate, cyber, cybersecurity, data, detection, dora, finance, framework, GDPR, incident, network, regulation, resilience, risk, service, technology, threat, vulnerability
If your enterprise operates in Europe, you should care about the Digital Operational Resilience Act (DORA), which took effect on January 17. DORA, also known as Directive (EU) 2022/2555 of the European Parliament, aims to enhance and build the EU’s cybersecurity capabilities and it has been hanging like the Sword of Damocles over the heads…
-
Three Keys to Modernizing Data Security: DSPM, AI, and Encryption
in SecurityNews
Tags: access, ai, automation, best-practice, business, cloud, compliance, container, control, cyber, cybercrime, data, data-breach, detection, encryption, GDPR, incident response, infrastructure, privacy, regulation, risk, saas, security-incident, skills, software, strategy, threat, tool, vulnerability
andrew.gertz@t…, Tue, 01/21/2025 – 14:56
Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over…
-
EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies
in SecurityNews
noyb files complaints against TikTok, AliExpress, and other Chinese companies for illegal EU user data transfers to China, violating data protection laws. Austrian privacy non-profit group None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully…
-
DORA Takes Effect: Financial Firms Still Navigating Compliance Headwinds
in SecurityNews
The EU’s DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms.
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/dora-financial-firms-compliance/
-
Large Language Models and Regulations: Navigating the Ethical and Legal Landscape
in SecurityNews
Leverage the full potential of Large Language Models (LLMs) for your business while staying compliant.
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2025/01/large-language-models-and-regulations-navigating-the-ethical-and-legal-landscape/
-
Biden Issues Final Maritime Cybersecurity Rules
in SecurityNews
White House Mandates Cyber Incident Response Plans Amid Growing Chinese Threat. Federal regulations unveiled Tuesday require the U.S. maritime industry to implement baseline cybersecurity measures amid concerns over exposure to attacks from adversaries such as China. The rules mandate cybersecurity plans and clearly-defined cyber positions in ports and maritime facilities. First seen on govinfosecurity.com Jump…
-
CISOs embrace rise in prominence, with broader business authority
in SecurityNews
Tags: ai, attack, business, ceo, cio, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, data, governance, healthcare, infrastructure, intelligence, network, privacy, regulation, risk, risk-management, security-incident, strategy, technology, threat, update
It’s a familiar refrain: As cybersecurity has become a core business priority, it is no longer a siloed operation, and the responsibilities of CISOs have grown, giving them greater prominence within the organization. According to CSO’s 2024 Security Priorities Study, 72% of security decision-makers say their role has grown to include additional responsibilities over the past…
-
SEC rule confusion continues to put CISOs in a bind a year after a major revision
in SecurityNews
Tags: attack, breach, business, ciso, citrix, compliance, control, cyber, cyberattack, cybersecurity, data, government, incident, incident response, law, network, privacy, regulation, risk, security-incident, software, strategy, supply-chain
Confusion around when and how to report cybersecurity breaches continues to plague companies a year after revised US Securities and Exchange Commission (SEC) cybersecurity breach reporting rules came into effect, experts say. As the agency that regulates and enforces federal US securities laws continues to flex its enforcement muscles against organizations that violate the strict rules,…
-
European Court Fines European Commission for Privacy Breach
in SecurityNews
Transfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
-
European Court Fines European Commission for Privacy Violation
in SecurityNews
Transfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
-
European Court Fines European Commission for GDPR Violation
in SecurityNews
Transfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
-
Court orders European Commission to pay its first-ever GDPR fine
in SecurityNews
A German citizen will receive €400 from the European Commission for a violation of the General Data Privacy Regulation (GDPR), the first time the EU’s executive arm will pay such a fine.
First seen on therecord.media. Jump to article: therecord.media/european-commission-pays-gdpr-fine-german-citizen