Compliance and Security - Information Management Today

BigID Raises $60M, Eyes M&A Around Data Security, Compliance

Data Breach Today

MARCH 18, 2024

Data Security Vendor Retains Unicorn Status With Riverwood Capital-Led Growth Round A data security firm led by a former CA Technologies executive raised $60 million to boost both organic and inorganic expansion around data and compliance.

Compliance

Compliance Security Access IT

Tips on Securing Endpoints, Ensuring Compliance

Data Breach Today

JANUARY 27, 2021

Matthew Burns of HCL Software discusses securing endpoints and ensuring compliance during exceptional times in an interview following a recent series of virtual roundtables on the subject.

Compliance

Compliance Security

GDPR Compliance Used as Phishing Lure

Data Breach Today

SEPTEMBER 25, 2020

The campaign enticed victims with subject lines indicating their email security system was not in compliance with the law, according to Area 1 Security. Campaign Designed to Steal Credentials A recently uncovered phishing campaign used the European Union's General Data Protection Regulation as a lure to steal login credentials.

Compliance

Compliance Phishing GDPR Security

GUEST ESSAY: The wisdom of taking a risk-based approach to security compliance

The Last Watchdog

APRIL 21, 2022

With estimates suggesting there are currently over 15 billion user credentials scattered across the dark web, the importance of compliance is clear to see. In spite of this, many organizations today still see compliance as a nuisance, rather than a business enabler. Strategizing compliance. Take a risk-based approach.

Compliance

Compliance Risk Security Cybersecurity

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Bales, Esq.

Security

A Holistic Approach to Cybersecurity and Compliance

Data Breach Today

APRIL 16, 2021

In a joint interview, Mike Ferris and Mike Brooks of Abacode, a managed cybersecurity and compliance provider, discuss how the MCCP model helps businesses implement a holistic, framework-based cybersecurity program that provides continuous security and compliance.

Compliance

Compliance Cybersecurity Security

Microsoft's Recall Stokes Security and Privacy Concerns

Data Breach Today

MAY 22, 2024

K ICO Announces Probe Into Microsoft Screenshot Storage Feature Microsoft's new automatic screenshot retrieval feature could enable hackers to steal sensitive information such as online banking credentials, security experts warned. data regulator will probe Recall for compliance with privacy law. Additionally, the U.K.

Privacy

Privacy Security Compliance

Biden Calls for Critical Infrastructure Security Standards

Data Breach Today

JULY 28, 2021

National Security Memo Requires NIST, CISA to Create Standards, But Compliance Is Voluntary President Joe Biden signed an executive national security memorandum on Wednesday calling for the development of new critical infrastructure cybersecurity standards for various industries.

Security

Security Compliance Cybersecurity

Cloudflare Acquires Kivera to Fuel Preventive Cloud Security

Data Breach Today

OCTOBER 8, 2024

Kivera Integrates Controls Into Cloudflare One to Prevent Cloud Misconfigurations With the acquisition of New York-based startup Kivera, Cloudflare will enhance its Cloudflare One platform, adding proactive controls that secure cloud environments, prevent misconfigurations and improve regulatory compliance for businesses using multiple cloud providers. (..)

Cloud

Cloud Security Compliance IT

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

This eBook provides a practical explanation of the different PCI compliance approaches that payment card issuers can adopt, as well as the importance of both protecting user PII and gaining ownership and portability of their sensitive data.

Compliance

RSAC Fireside Chat: Lacework’s cloud-native security platform delivers useful context

The Last Watchdog

MAY 7, 2024

SAN FRANCISCO — Cloud security is stirring buzz as RSA Conference 2024 ramps up at Moscone Convention Center here. Related: The fallacy of ‘security-as-a-cost-center’ Companies are clambering to mitigate unprecedented exposures spinning out of their increasing reliance on cloud hosted resources.

Cloud

Cloud Security Compliance GDPR

Jeanette Manfra on 'Compliance Without Compromise'

Data Breach Today

AUGUST 12, 2020

Google Cloud Director, Formerly of CISA, Discusses Securing Government's Cloud Transformation Jeanette Manfra served under three presidents as one of the top U.S. government cybersecurity leaders. Now in her new role with Google Cloud, she draws upon her public sector experience to help agencies in their cloud adoption.

Compliance

Compliance Cloud Government Cybersecurity

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

JANUARY 9, 2023

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Large corporations tend to have the resources to deal with compliance issues. It should be no surprise that data security regulations are on the rise.

Data Privacy

Data Privacy Compliance Privacy GDPR

New CMMC Rule Offers Tiered Security Levels for Contractors

Data Breach Today

DECEMBER 27, 2023

Defense Department Proposes New Security Requirements for Defense Industrial Base The U.S.

Security

Security Compliance Cybersecurity

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device.

Passwords

GUEST ESSAY: JPMorgan’s $200 million in fines stems from all-too-common compliance failures

The Last Watchdog

JANUARY 13, 2022

Last month’s $125 million Security and Exchange Commission (SEC) fine combined with the $75 million U.S. While the price tag of these violations was shocking, the compliance failure was not. Related: Why third-party risks are on the rise. These views were echoed in a CFTC release as well. Insecure platforms.

Compliance

Compliance Customer Experience Communications Archiving

White House Fortifies Tech Vendor Security Requirements

Data Breach Today

SEPTEMBER 15, 2022

Tech Companies Must Vow They Use Secure Software Development Techniques A White House agency today told U.S. federal government IT vendors they must attest to using secure software development techniques.

Security

Security Compliance Government IT

Proof of Concept: Ensuring AI Compliance, Security Controls

Data Breach Today

MAY 22, 2024

They highlighted the evolving roles of compliance and leadership and the importance of regulatory frameworks in ensuring robust and trustworthy AI deployment.

Compliance

Compliance Security

Pathlock-Appsian Deal Combines App Governance, ERP Security

Data Breach Today

MAY 20, 2022

Deal Will Help Clients Secure Users and Data Across SAP and Oracle's ERP Apps Pathlock has merged with Appsian to form a 500-person vendor that secures users and data across SAP and Oracle's ERP apps.

Government

Government Security Compliance Marketing

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Attendees will gain actionable insights on how to manage the complexities of privacy, compliance, and governance in AI-driven environments. 📆 October 22nd, 2024 at 9:30 AM PDT, 12:30 PM EDT, 5:30 PM BST

Data Privacy

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Today, part three of Last Watchdog s year-end roundtable zeroes in on the regulatory and compliance landscape. Leila Powell , Head of Data, Panaseer In 2025, more organizations will face increased pressure to measure and demonstrate their security posture, especially as regulatory requirements expand.

Compliance

Compliance Cybersecurity Risk Privacy

SEC Aims to Avoid Cyber Disclosure Rule 'Compliance Burdens'

Data Breach Today

NOVEMBER 16, 2023

Securities and Exchange Commission's requirement for publicly traded companies to report cyber incidents that have a material impact within four days is "not about playing gotcha with public companies," said the commission’s director of the corporation finance division.

Compliance

Compliance Security

New Tech Q&A: Adaptiva – CrowdStrike alliance highlights trend of blending IT and security systems

The Last Watchdog

JULY 1, 2024

The coalescing of the next-gen security platforms that will carry us forward continues. Last Watchdog engaged Davinder Singh , Chief Technology Officer at Adaptiva, to drill down on the current state of securing networks. LW: What does this partnership signal about emergent security frameworks and platforms?

IT

IT Security Compliance Manufacturing

OIG: HHS' Info Security Program Still Rated 'Not Effective'

Data Breach Today

MAY 2, 2022

Latest FISMA Compliance Audit Finds a Variety of Issues Auditors have once again rated the Department of Health and Human Services' information security program as "not effective," citing several areas of weaknesses, including issues related to risk management, information security continuous monitoring and contingency planning.

Security

Security Information Security Compliance Risk

The Unexpected Cost of Data Copies

Unfortunately, data replication, transformation, and movement can result in longer time to insight, reduced efficiency, elevated costs, and increased security and compliance risk. How Dremio delivers clear business advantages in productivity, security, and performance.

Security

Talon CEO on Bringing Security, Compliance to Generative AI

Data Breach Today

JULY 3, 2023

Talon CEO Ofer Ben-Noon discussed how his firm has built a DLP compliance model around generative AI services that blocks healthcare information or SWIFT data shared with ChatGPT.

Compliance

Compliance Security

Planning with Purpose: 10 Tips to Develop a Year-Long Security and Compliance Training Program

KnowBe4

MARCH 1, 2024

Our team at KnowBe4 recently got together to talk about planning for annual security and compliance training.

Compliance

Compliance Security Security awareness

Maintaining Momentum in Your Security Strategy

Data Breach Today

AUGUST 1, 2022

Glen Hymers of UK Cabinet Office on Keeping Communication Relevant Cybersecurity practitioners have gained the attention of corporate boards, but that attention must be converted into momentum, says Glen Hymers, head of Data Privacy and Compliance at the U.K. Cabinet Office.

Data Privacy

Data Privacy Security Compliance Communications

DORA Compliance Strategy for Business Leaders

Security Affairs

JUNE 14, 2024

This regulation from the European Union (EU) is intended to both strengthen IT security and enhance the digital resilience of the European financial market. He suggested that it might be a “tough call for any organization to follow and to reach as a compliance deadline.”

Compliance

Compliance Insurance Risk Cloud

Unstructured Data Defense: Navigating AI Compliance and Secure Data Architecture

AIIM

OCTOBER 10, 2024

At the AIIM Information and Data Leadership Symposium on October 1, 2024, in Arlington, VA, James Crifasi (COO & CTO, RedZone Technologies) and Jay Leask (Principal Technical Architect, Microsoft) engaged in a fascinating discussion about defending and protecting unstructured data.

Unstructured data

Unstructured data Compliance Security

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

The Last Watchdog

JANUARY 27, 2022

Such consolidation across markets is good news for customers and vendors alike in terms of market growth and maximizing security investments. Throughout this period, the risk level of the acquirer is much higher than the acquired company, creating a major cybersecurity gap as they merge their tech stack and security tools together.

Privacy

Privacy Security Risk Marketing

GUEST ESSAY: Here’s why penetration testing has become a ‘must-have’ security practice

The Last Watchdog

FEBRUARY 24, 2022

Now, let me give you a few reasons, why pen testing has emerged as a “must-have” security practice. For example, your website security may prove strong, applications not so much. A pen test can inform and help clarify security policies and strategies. Compliance, governance. Strategic positioning.

Security

Security Compliance Retail Risk

DOD Unveils Final CMMC Rule for Defense Contractors

Data Breach Today

OCTOBER 11, 2024

New Cybersecurity Maturity Model Certification Rule Paves Way for Implementation The Department of Defense is set to implement significant changes to the Cybersecurity Maturity Model Certification program, effective October 15, streamlining compliance for contractors by introducing a tiered system while enhancing security standards.

Compliance

Compliance Cybersecurity Security

What You Should Know About Open Source License Compliance for M&A Activity

Data Breach Today

AUGUST 2, 2023

Companies are increasingly concerned about the security of applications built on open source components, especially when they’re involved in mergers and acquisitions. Just like copyright for works of art, each piece of open source software has a license that states legally binding conditions for its use.

Compliance

Compliance Security IT

Zero Trust: Two Models for Implementation

Data Breach Today

JULY 7, 2021

LafargeHolcim's Manish Dave on Building a Framework Manish Dave, head of IT security and compliance at LafargeHolcim, a multinational company that manufactures building materials, describes two ways to implement the "zero trust" model: User-to-application and workload-to-workload segmentation.

Manufacturing

Manufacturing Compliance Security IT

NIS2 Directive: Focusing on Critical Infrastructure Security

Data Breach Today

AUGUST 29, 2024

Compliance Expert on Readiness, Compliance and Rapid Incident Reporting The NIS2 Directive focuses on addressing gaps and strengthening the security of network and information systems across the European Union.

Security

Security Compliance Cybersecurity

GUEST ESSAY: Deploying ‘XDR’ can help companies avoid the security ‘vendor-silo’ trap

The Last Watchdog

MAY 25, 2022

According to recent data from Oracle and KPMG, organizations today employ over 100 cybersecurity products to secure their environments. Related: Taking a ‘risk-base’ approach to security compliance. This hybrid model has created exciting opportunities for employees and organizations and significantly raised the security stakes.

Security

Security Digital transformation Cybersecurity Compliance

Critical Considerations for AI Developments in Healthcare

Data Breach Today

MARCH 11, 2024

Sunil Dadlani, CIO and CISO of Atlantic Health System on AI Promise, Risks AI holds enormous potential for transforming and reimagining all aspects of healthcare, but mitigating the risks requires a collaborative, comprehensive approach prioritizing data security, regulatory compliance, and ethical considerations, said Sunil Dadlani, CIO and CISO at (..)

Compliance

Compliance Risk Security

Relyance AI Raises $32M to Take on AI Governance Challenges

Data Breach Today

OCTOBER 10, 2024

Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance Relyance AI raised $32 million in Series B funding to grow its data governance platform.

Government

Government Privacy Compliance Security

GUEST ESSAY: The Top 5 myths about SIEM –‘security information and event management’

The Last Watchdog

AUGUST 30, 2021

One of the most commonly repeated phrases in the security industry is, “Security teams hate their SIEM!”. Security Information and Event Management (SIEM) is not what it was 20 years ago. Here are five misconceptions, or myths, related to the SIEM, now security analytics platforms: • SIEMs are only good for compliance.

Analytics

Analytics Security Marketing Compliance

Online Merchants: PCI DSS Compliance Tips When Outsourcing

IT Governance

AUGUST 15, 2024

So, they’re subject to the PCI DSS (Payment Card Industry Data Security Standard). However, you can reduce your scope to drastically lower the number of requirements you must meet, thereby significantly reducing your compliance burden. Requirement 6: Develop and maintain secure systems and software. So, merchants think: ‘Great!

Compliance

Compliance Cloud Security Paper

Do Leading AI Models Comply With the EU AI Act?

Data Breach Today

OCTOBER 30, 2024

New Compliance Tool Say Many AI Firms Fail to Meet Security, Fairness Standards Large language models developed by Meta and Mistral AI are among a dozen artificial intelligence models that fail to meet the cybersecurity and fairness requirements of the European Union AI Act, which went into effect on Aug.

Artificial Intelligence

Artificial Intelligence Compliance Cybersecurity Security

GUEST ESSAY: The case for complying with ISO 27001 — the gold standard of security frameworks

The Last Watchdog

FEBRUARY 26, 2023

Of the numerous security frameworks available to help companies protect against cyber-threats, many consider ISO 27001 to be the gold standard. These updates address the growing risk to application security (AppSec), and so they’re critically important for organizations to understand and implement in their IT systems ASAP.

Security

Security Compliance Risk Ransomware

Honeywell to Buy SCADAfence to Strengthen OT Security Muscle

Data Breach Today

JULY 10, 2023

Security Vendor Will Provide Asset Discovery, Threat Detection to Industrial Firms Honeywell plans to purchase an OT security vendor founded by Israel Defense Forces veterans to deliver asset discovery, threat detection and compliance management to industrial organizations.

Security

Security Compliance Cybersecurity

BigID Raises $60M, Eyes M&A Around Data Security, Compliance

Tips on Securing Endpoints, Ensuring Compliance

Trending Sources

GDPR Compliance Used as Phishing Lure

GUEST ESSAY: The wisdom of taking a risk-based approach to security compliance

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

A Holistic Approach to Cybersecurity and Compliance

Microsoft's Recall Stokes Security and Privacy Concerns

Biden Calls for Critical Infrastructure Security Standards

Cloudflare Acquires Kivera to Fuel Preventive Cloud Security

The Importance of PCI Compliance and Data Ownership When Issuing Payment Cards

RSAC Fireside Chat: Lacework’s cloud-native security platform delivers useful context

Jeanette Manfra on 'Compliance Without Compromise'

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

New CMMC Rule Offers Tiered Security Levels for Contractors

Prevent Data Breaches With Zero-Trust Enterprise Password Management

GUEST ESSAY: JPMorgan’s $200 million in fines stems from all-too-common compliance failures

White House Fortifies Tech Vendor Security Requirements

Proof of Concept: Ensuring AI Compliance, Security Controls

Pathlock-Appsian Deal Combines App Governance, ERP Security

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

SEC Aims to Avoid Cyber Disclosure Rule 'Compliance Burdens'

New Tech Q&A: Adaptiva – CrowdStrike alliance highlights trend of blending IT and security systems

OIG: HHS' Info Security Program Still Rated 'Not Effective'

The Unexpected Cost of Data Copies

Talon CEO on Bringing Security, Compliance to Generative AI

Planning with Purpose: 10 Tips to Develop a Year-Long Security and Compliance Training Program

Maintaining Momentum in Your Security Strategy

DORA Compliance Strategy for Business Leaders

Unstructured Data Defense: Navigating AI Compliance and Secure Data Architecture

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

GUEST ESSAY: Here’s why penetration testing has become a ‘must-have’ security practice

DOD Unveils Final CMMC Rule for Defense Contractors

What You Should Know About Open Source License Compliance for M&A Activity

Zero Trust: Two Models for Implementation

NIS2 Directive: Focusing on Critical Infrastructure Security

GUEST ESSAY: Deploying ‘XDR’ can help companies avoid the security ‘vendor-silo’ trap

Critical Considerations for AI Developments in Healthcare

Relyance AI Raises $32M to Take on AI Governance Challenges

GUEST ESSAY: The Top 5 myths about SIEM –‘security information and event management’

Online Merchants: PCI DSS Compliance Tips When Outsourcing

Do Leading AI Models Comply With the EU AI Act?

GUEST ESSAY: The case for complying with ISO 27001 — the gold standard of security frameworks

Honeywell to Buy SCADAfence to Strengthen OT Security Muscle

Stay Connected