Compliance

The latest compliance technology and best practices to help organizations meet data privacy and security requirements.

  • China’s Data Privacy Law Poses Challenge for International Companies

    Businesses that have spent the past three-plus years adapting to the European Union’s far-reaching data privacy law now have to decide how they will respond to a similar law in China that has been criticized as being more vague in its wording and harsher in its penalties. China’s Personal Information and Privacy Law (PIPL), enacted…


  • MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

    It’s been an active week for security vulnerabilities, with MITRE and the U.S. Cybersecurity & Infrastructure Agency (CISA) revealing hundreds of critical vulnerabilities. CISA ordered federal agencies to patch a list of nearly 300 vulnerabilities, and encouraged private organizations to fix them too. CISA said the list will be updated as any vulnerability meets three…


  • SBOMs: Securing the Software Supply Chain

    As threat actors aim at IT supply chains, enhanced cybersecurity has been the recent driving force for industry adoption of the Software Bill of Materials (SBOM) framework. With a simple list of components that make up a software product, SBOMs enhance transparency between software buyers and sellers, provide the necessary visibility to identify vulnerabilities, and…


  • Apple Patches Vulnerabilities in iOS Exploited by Spyware

    Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal). News of the nefarious uses of NSO Group’s Pegasus software first surfaced in July.…


  • Homomorphic Encryption Makes Real-World Gains, Pushed by Google, IBM, Microsoft

    The increasing mobility of data, as it ping-pongs between clouds, data centers and the edge, has made it an easier target of cybercrime groups, which has put a premium on the encryption of that data in recent years. Cybersecurity vendors have stepped up, developing strong and efficient ways to encrypt data both while it’s at…


  • White House to Corporate America: Take Ransomware Threat Seriously

    The National Security Council is sending a memo to U.S. companies urging them to take the ransomware threat more seriously as the Biden Administration ramps up its responses following recent attacks linked to Russia-based hacker groups on two major corporations. In the open letter dated June 3, Anne Neuberger, the NSC’s cybersecurity adviser, said that…


  • Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

    The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. A report this month from the Government Accountability Office (GAO) found that…


  • Top GDPR Compliance Security Companies & Solutions

    The European Union’s new General Data Protection Regulation (GDPR) has ushered in sweeping new data privacy and security regulations – and with it a new way of doing business for security vendors. The implementation deadline of May 25, 2018 has come and gone, and now enterprises across the globe are grappling with how GDPR affects…


  • CCPA Compliance Checklist & Requirements

    When the California Consumer Privacy Act (CCPA) – sometimes referred to as AB-375 – takes effect on Jan. 1, 2020, it will impose a host of obligations on all but the smallest companies that do business with California residents. The risks for businesses that don’t comply with CCPA are severe: They can be fined up…


  • One Year into GDPR: What’s Changed?

    The EU’s General Data Protection Regulation (GDPR) was implemented a year ago on May 25, 2018. The sweeping data privacy law offers individual users the “right to be forgotten,” requires notification within 72 hours of the discovery of a data breach, and threatens companies with fines of as much as 4 percent of annual revenue…

