The group continued to carry out password spray attacks targeting the educational sector for infrastructure procurement and focused on the satellite, government, and defense sectors for intelligence gathering. They also leveraged compromised accounts from educational institutions to create additional Azure tenants.
Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web client. The IT giant announced that the client-side encryption in Gmail on the web will be available in beta for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers.
Lack of security awareness and education. Often, employees within organizations lack sufficient security awareness and education. Organizations need to invest in cybersecurity training programs to educate their employees about security best practices. Compliance and regulatory requirements.
A successful attack exploiting this vulnerability would put an organization’s mission-critical SAP applications, business process and data at risk—impacting cybersecurity and regulatory compliance. Last week, Dmitry Chastuhin released a PoC exploit code for CVE-2020-6207 for educational purposes.
The results show that while 92% of IT business leaders believe they’ve made the right security investments and 88% say they meet all compliance requirements, half are kept up at night over their company’s security. Their top areas of concern include cybersecurity risk (58%), information security risk (53%) and compliance risk (39%).
Happy Compliance Officer Day! Here’s the thing about compliance, most people know that it’s necessary, but it can often be seen as an arduous blocker to doing fun things like cycling on your own - or growing a business in a fast-paced digital economy! In the world of IT, the compliance officer's role is not a glamorous one.
If targets such as defect density or compliance to scanner policy (i.e. This is exacerbated when factoring in the security and compliance defects that can’t be scanned for, like obtaining consent for privacy laws. The topics are often complex and require contextual education for non-security experts to interpret correctly.
Related: The case for augmented reality training Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate, especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams.
CrowdStrike's Michael Sentonas on Aiding Education Clients With XDR for Chromebooks CrowdStrike has focused on bringing its extended detection and response technology to users with less expensive devices such as Chromebooks by adding support for Google's ChromeOS.
If the company fails to notify Italy’s data protection agency, it will be fined up to EUR 20 million or 4% of the total worldwide annual turnover, in accordance with the General Data Protection Regulation (GDPR). We are also temporarily pausing subscription renewals in Italy so that users won't be charged while ChatGPT is suspended.
Adequate IT compliance. Every business has a standard of IT compliance that team members are accountable for upholding. If you have concerns about protecting your financial data, consider hiring a data protection officer or an outside firm to help you maintain compliance. Stay educated. Stay proactive.
Small Business Development Center (SBDC) locations to secure educational materials, enroll in programs, and work with representatives from the Department of Homeland Security to better understand and confront cyber threats and risks. What Does the SBCAA Seek to Accomplish? But because this service goes underfunded and unheralded, the U.S.
Compliance costs Neglecting cybersecurity training also exposes organizations to regulatory risks. Non-compliance with frameworks such as GDPR in Europe or HIPAA in the United States can result in substantial fines. This type of education is crucial, as human error remains one of the leading causes of security failures.
In today’s technological world, educating people about cybersecurity awareness is an absolute necessity. It is important when developing and implementing these programs to be aware of what methods of education work best. While cybersecurity awareness training can take many forms, most training programs are computer-based.
According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education. million to mitigate the May Royal ransomware attack appeared first on Security Affairs.
Roadmap: Charting a Course of Education, Analysis & System Enhancements josh.pearson@t… Thu, 07/04/2024 - 07:00 The Payment Card Industry Data Security Standard (PCI-DSS) v4.0 Your time to comply will be dependent on where you are on your PCI compliance journey and when your existing certification expires. Your PCI-DSS v4.0
Generally, regulatory compliance or litigation activities are at the top of the list and often spur the creation of the IG program itself, but that's just the start of the list of IG benefits. How to Avoid/Overcome: Overcome this issue by addressing objections directly with good communication and contextual education.
This can damage your reputation and lead to legal consequences, especially for businesses, who may face fines, lawsuits, and compliance issues. Train Your Admin & Staff Educate personnel on the risks of session hijacking and best practices for prevention to foster a security-conscious culture.
Businesses can respond to the rise of PhaaS services in three ways: •Heed cybersecurity standards and compliance rules. Many industries implement cybersecurity standards and compliance requirements to protect businesses and their clients or customers. Leverage security software. PhaaS is not going anywhere.
You can have some great, fantastic ideas about what you want to do with information, but you need to be able to educate everyone up and down the stack about what you are planning. Or does management worry about more reputational risk, which makes any potential fine for non-compliance pale into insignificance?
The only way to tackle this challenge is to educate the users about these threats and their potential implications. Well, users hope that companies will look at their security not as compliance with the rules, but as natural responsibility. They go as far as to suggest that enterprises should act beyond the law. What does this mean?
The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. Throughout 2022, Thales hosted more than 40 webinars on a wide variety of cybersecurity topics, including, cloud security, data sovereignty, compliance, data threat trends, and rethinking approaches to role-based authentication.
This presents an opportunity for education and training programs in the industry. OpenText Data Privacy and Protection offers a data security platform that helps you secure data, reduce risks, improve compliance, and govern access. Learn more about our trusted AI data protection and access management solutions.
About the Author: Michael Sanchez, CEO (CISA), has over 35 years of experience in information technology, cybersecurity, physical security, risk, compliance, and audit.
The project aims to educate developers, designers, architects, managers, and organizations about the security issues when deploying Large Language Models (LLMs). However, the project could be of interest to other stakeholders in the LLM ecosystem, including scholars, legal professionals, compliance officers, and end users.
Planning your IG Compliance Roadmap Achieving IG compliance is a journey that can’t be completed without a roadmap. Please join us for our next Chapter Meeting (via Webinar) on Wednesday, June 21, 2023 from 12:00 – 1:00 Pacific Standard Time.
Let’s explore what to expect from the upcoming regulations, provide insights into critical federal and state laws, and offer practical compliance and risk management strategies. These regulations often set standards for cybersecurity practices, incident reporting, and compliance requirements. What are Federal Cybersecurity Regulations?
Sharing meeting minutes and videos are one of the ways that public sector employees meet compliance and open records regulations. This educational series will regularly feature new video assets. Transparency of government operations and decisions to the public is of the utmost importance. Check back to see what’s new!
The Human Element: Educating and Empowering Employees But really, Cybersecurity Awareness Month is about the human element of security. Incorporating employee training programs and ongoing education in an organization’s security strategy is crucial to ensuring data security.
Organizations are inundated with vast amounts of data—managing this data efficiently is crucial for compliance, productivity, and overall business success. Facilitate Compliance and Governance: Use metadata to automate records management processes, apply retention policies, and ensure regulatory compliance.
IT and the business will need to take responsibility for selling the benefits of data governance across the enterprise and ensure all stakeholders are properly educated about it. Ensure Company-Wide Compliance: Compliance isn’t just about government regulations. The business needs to have a role in the justification.
NAC can set policies for resource, role, device and location-based access and enforce security compliance with security and patch management policies, among other controls. The company started in education and has expanded to government and corporate markets. It offers a rule-based architecture to automate access based on use cases.
DLP technology provides a mechanism to help protect against sensitive data loss—and thus could also be something of a mitigating factor when dealing with compliance agencies in the wake of a data breach. Educate users on proper data handling policy. Other critical sources of data include intellectual property (IP) and trade secrets.
Ordinarily, an employee cannot escape disciplinary action for non-compliance on the grounds that the policy wasn't put into effect until after the employee was hired. Like Part 1, this article cannot be taken as legal advice; it is for educational purposes only. How Do Policies and Contracts differ?
Catastrophic monetary, reputational, security and compliance risks are all possibilities with poor AI. In theory, organizations could be out of compliance with both the EU AI Act and GDPR at the same time, facing combined monetary penalties. The full text of the EU AI Act can be found here. What are general-purpose AI (GPAI) models?
The service management system, before granting the interlocutor access to the resources, will have to start an identification process to verify the correspondence of the specific identity attributes in compliance with the fundamental protection parameters for IT security: confidentiality and integrity of information, interlocutors authentication and (..)
The informative and educational series has already looked at topics such as AI and whether ChatGPT could conduct a cyberattack, discussions around Hornetsecurity’s recent compliance survey, as well as a conversation with Microsoft Certified Trainer on how secure Microsoft 365 actually is.
On October 5, 2023, Blackbaud Inc., a software provider for the philanthropy, healthcare, and education sectors, has resolved claims that the District of Columbia and 49 U.S. states raised. The claims stem from a ransomware attack that impacted Blackbaud in 2020.
A robust risk management program should include regular assessments of security controls and audits to ensure compliance with industry standards and best practices. A lack of a risk management program or support from senior management is a glaring weakness in your cybersecurity strategy. Tick-in-the-box training.
It’s important to educate staff on the significance of data protection, potential security threats and proper handling of sensitive information. He has over 25 years of global leadership experience within the financial services industry, having spearheaded development across Electronic Trading, OMS, Risk, Compliance and Data.
Here at AIIM, we’ve been providing independent research, educational training, and certification for over 70 years. In recent years, nothing has sparked more controversy in the information management industry than the 2017 Gartner post officially retiring the term “Enterprise Content Management (ECM)” in favor of a new term, content services.
They are also usually responsible for selecting and training an implementation team that includes risk management, information security, audit and compliance specialists. The ISO 27005 risk management standard describes how to conduct an information security risk assessment to achieve certification to and maintain compliance with ISO 27001.
These include: User Experience and Education The Learning Curve: Transitioning from traditional passwords to FIDO keys requires users to adapt to a new authentication method. This practice strengthens security policies and ensures compliance with regulatory standards. Benefit from FIDO 2.1 standard (i.e.,
The discussion shed light on the challenges, risks, and practical strategies for building AI-ready data while ensuring compliance, security, and ethical considerations. Educate employees on: Where to store data Proper naming conventions Sharing protocols Data retention practices This step focuses on change management and user behavior.