compliance
What financial records do companies need to keep, and for how long?
Companies generate stacks of documents and managing them correctly is crucial. It can be complicated to balance organizational requirements, employee interests, and legal …
Defining risk controls that actually work
Previously, we looked at practical ideas for conducting the complex information security risk assessments that all enterprises should regularly perform. The right methodology …
Examining security process maturity in 400 organizations
There’s an overall failure in maturity of security processes of over 400 organizations in industries ranging from e-commerce, retail and payment processor to …
Companies unprepared to deal with mobile attacks, synthetic identity fraud, CCPA compliance
There is a growing impact of large-scale data breaches and fraud on consumer trust and the critical need for businesses to balance the digital consumer experience with strong …
Rapid SaaS adoption compounds visibility concerns
The stakes are higher than ever to ensure that their organizations are protected from a security and compliance perspective, but new survey data from Blissfully shows that IT …
Being compliant with laws and regulations is not a guarantee against data breaches
Compliance is not a guarantee against data breaches. These are the results of the Advisera survey carried out with 605 respondents, coming from countries on five continents, …
Security and compliance gaps of ineffective employee onboarding and offboarding
There are significant gaps in the compliant management of employee resources throughout the employment lifecycle. Just 15% of employees have all the resources they require to …
Assessing risk: Measuring the health of your infosec environment
There is an uncomfortable truth that many organizations are not conducting comprehensive assessments of their information security risk; or those that do aren’t getting much …
Companies vastly overestimating their GDPR readiness, only 28% achieving compliance
Over a year on from the introduction of the General Data Protection Regulation (GDPR), the Capgemini Research Institute has found that companies vastly overestimated their …
Organizations continue to struggle with privacy regulations
Many organizations’ privacy statements fail to meet common privacy principles outlined in GDPR, CCPA, PIPEDA, including the user’s right to request information, to …
Only one quarter of retail banks have adopted an integrated approach to financial crime systems
Most banks plan to integrate their fraud and financial crime compliance systems and activities in response to new criminal threats and punishing fines, with the U.K. leading …
More than a year after GDPR implementation, half of UK businesses are not fully compliant
52% of UK businesses are not fully compliant with the regulation, more than a year after its implementation, according to a survey of UK GDPR decision-makers conducted on …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)