compliance
1 in 5 executives take risks with sensitive data to meet regulatory demands
The Anti-Money Laundering Directive (AML), the EU-US Privacy Shield and the Market Abuse Directive (MAD) and Regulation (MAR) are the three biggest regulatory pressures across …
97 percent of companies don’t have a GDPR plan
Organizations ‒ both SMBs and large enterprises ‒ lack general awareness of the requirements of the new regulation, how to prepare for it, and the impact of non-compliance on …
SOC 2 + HITRUST: Evolving infosec demands in healthcare
Two-thirds of business associates are not fully prepared to meet the growing marketplace demands regarding controls for protecting healthcare information, such as patient …
Proposed cyber security requirements for New York State seem to be more of the same
This month, New York State Governor Andrew Cuomo announced proposed regulation that requires banks, insurance companies, and other financial services institutions regulated by …
PCI Council wants more robust security controls for payment devices
The PCI Council has updated its payment device standard to enable stronger protections for cardholder data, which includes the PIN and the cardholder data (on magnetic stripe …
Using ISO 27001 to improve your information security posture
ISO 27001 delivers direct benefits that improve an organisation’s information security posture, despite the ongoing struggle to convince boards of the importance of …
Is your business still HIPAA compliant after the 2016 federal changes?
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) warned healthcare professionals and their business associates of its intention to launch …
GDPR could create $320 billion in fines
Unsurprisingly, many consumer products organisations are taking risks with the security and privacy of their customer data. They are failing to put in place proper processes …
The EU-US Privacy Shield: What happens next?
Yesterday the European Commission formally approved the EU-US Privacy Shield, making transfers of personal data to the US legal under European law for companies that have …
Risk analytics market to experience serious growth
The risk analytics market is estimated to grow from USD 16.55 billion in 2016 to USD 30.18 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 12.8%, according to …
Boardroom execs still don’t know the value of data
Almost two thirds of businesses still don’t know the value of critical data assets being targeted by cybercriminals. IRM surveyed security heads at their recent conference, …
Analyze your data: Where is it and who has it?
It is becoming widely recognized that “unknown” data leakage of PCI data, and more broadly other Personally Identifiable Information, within enterprises is the highest value …