eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. PIPL Raises the Bar – And the Stakes.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

Hunton Privacy

JANUARY 19, 2021

On January 18, 2021, the European Data Protection Board (“EDPB”) released draft Guidelines 01/2021 on Examples regarding Data Breach Notification (the “Guidelines”). The new draft Guidelines take into account supervisory authorities’ common experiences with data breaches since the GDPR became applicable in May 2018.

Data breaches 99

Data breaches Personal data GDPR Risk 99

Security Affairs

JANUARY 21, 2023

by the Irish Data Protection Commission (DPC) for violating the General Data Protection Regulation (GDPR). million (for breaches of the GDPR relating to its service).” million (for breaches of the GDPR relating to its service).” The Irish Data Protection Commission (DPC) fined Meta’s WhatsApp €5.5

GDPR 85

GDPR Metadata Encryption Communications 85

Hunton Privacy

MARCH 10, 2021

On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”). The Guidelines were adopted on January 14, 2021 for public consultation.

Data breaches 96

Data breaches GDPR Personal data Risk 96

eSecurity Planet

SEPTEMBER 13, 2024

Cyber security in banking has become the frontline defense against an ever-growing wave of digital threats. In this article, we’ll dive into the most pressing cyber security concerns and explore the best practices and solutions that are shaping the future of secure banking.

Security 108

Security Phishing Encryption Access 108

AIIM

JUNE 26, 2018

Now that the EU General Data Protection Regulation (GDPR) is in force organizations are ramping up their efforts to re-fresh data subject consent obtained prior to GDPR and under the EU Data Protection Directive 95/46/EC by virtue of which opt-out, or implied consent was permissible. Furthermore, the.

GDPR 111

GDPR Privacy Marketing Sales 111

Security Affairs

JANUARY 18, 2021

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years. .” SecurityAffairs – hacking, GDPR).

Retail 116

Retail GDPR Sales Privacy 116

IT Governance

JULY 2, 2020

What is the GDPR? Second, organisations must implement security measures to protect personal data from being breached or misused, and they must disclose any security incidents involving this data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law.

GDPR 110

GDPR Personal data Data breaches Compliance 110

IT Governance

SEPTEMBER 5, 2024

Risk management is fundamental to information security and the international standard for information security management, ISO 27001. Previously , our head of GRC (governance, risk and compliance) consultancy, Damian Garcia, explained where to start with cyber security risk management: establishing a common vocabulary.

Information Security 86

Information Security Risk Security Compliance 86

AIIM

SEPTEMBER 12, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR 94

GDPR Government Information governance Compliance 94

IT Governance

FEBRUARY 22, 2022

Information security management is a way of protecting an organisation’s sensitive data from threats and vulnerabilities. The process is typically embedded via an ISMS (information security management system) , which provides the framework for managing information security. Why is information security management important?

Information Security 134

Information Security Security Data breaches Risk 134

IT Governance

OCTOBER 3, 2019

You might be surprised to learn that CCTV footage is subject to the GDPR (General Data Protection Regulation). Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant. Let’s take a look at the steps you should follow to ensure your video surveillance methods are GDPR-compliant.

GDPR 101

GDPR Privacy Retail Personal data 101

eSecurity Planet

SEPTEMBER 16, 2024

A cloud security policy is a comprehensive document that describes the organization’s guidelines for protecting cloud services. It specifies how data should be secured, who can access it, and the procedures for monitoring permissions. It establishes rules for cloud data security , access management, and threat response.

Cloud 62

Cloud Security Compliance Risk 62

IT Governance

MARCH 6, 2019

The GDPR (General Data Protection Regulation) isn’t only about preventing data breaches (it’s equally focused on strengthening data subjects’ rights), but organisations have understandably honed in on the importance of effective data protection. What the GDPR says about reducing risk. ISO 27001 and the GDPR.

Information Security 73

Information Security GDPR Data breaches Compliance 73

Data Matters

SEPTEMBER 18, 2020

On 2 September 2020, the European Data Protection Board ( EDPB ) published draft guidelines on the concepts of controller and processor under the GDPR ( Draft Guidelines ). The Draft Guidelines provide further examples of what such essential and non-essential processing may entail. The Draft Guidelines consist of two parts.

GDPR 96

GDPR Personal data Compliance Access 96

AIIM

AUGUST 8, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. How do they assess their progress in meeting the core requirements of GDPR?

GDPR 84

GDPR Compliance Digital preservation Artificial Intelligence 84

AIIM

AUGUST 8, 2018

The GDPR’s May 25, 2018 deadline set in motion a mad compliance and security scramble not only for European companies, but also for any company doing business in Europe or with European customers. We just published a new market research report on GDPR. How do they assess their progress in meeting the core requirements of GDPR?

GDPR 80

GDPR Compliance Digital preservation Artificial Intelligence 80

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR 95

GDPR Personal data Data breaches Compliance 95

KnowBe4

SEPTEMBER 10, 2019

The California Consumer Privacy Act (CCPA) was introduced just a month after the European Union instituted the General Data Protection Regulation (GDPR), earning the CCPA the nickname of “California’s GDPR.”. While the GDPR has been in effect since May of 2018, the CCPA is on track to become effective on January 1, 2020.

GDPR 73

GDPR Privacy Personal data Passwords 73

OpenText Information Management

JULY 17, 2024

Real-world example: In March 2023, a vulnerability in the Redis library used by ChatGPT led to a data breach , exposing sensitive user information. This is where Secure Information Management (SIM) plays a crucial role. What is secure information management? secure when in-use, in-transit, and at-rest.

Security 67

Security Data breaches Risk Data Privacy 67

IT Governance

AUGUST 21, 2019

The GDPR (General Data Protection Regulation) hasn’t exactly crept up unnoticed over the past year or so, but it’s still caught many organisations by surprise. Meanwhile, although the specifics of Brexit are still unclear, one thing is certain: whatever happens, UK-based organisations will be subject to the GDPR’s requirements.

GDPR 70

GDPR Compliance Personal data Access 70

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR 83

GDPR Compliance Privacy Data Privacy 83

eSecurity Planet

FEBRUARY 14, 2023

I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. Growth has definitely been robust.

Compliance 121

Compliance Security Cybersecurity Marketing 121

Krebs on Security

DECEMBER 6, 2023

ICANN made the policy change in response to the General Data Protection Regulation (GDPR), a law enacted by the European Parliament that requires companies to gain affirmative consent for any personal information they collect on people within the European Union. The RDRS portal.

Phishing 229

Phishing GDPR Personal data Communications 229

The Last Watchdog

AUGUST 29, 2019

Related: Will GDPR usher in new age of privacy? It’s no wonder security analysts toiling in security operations centers (SOCs) are depressed. based supplier of advanced security management systems. I had an evocative discussion about this with Sam Humphries, senior product marketing manager for Exabeam.

GDPR 153

GDPR Privacy Big data Personal data 153

Data Matters

JULY 8, 2019

Today we saw the ICO issue a notice of its intention to fine British Airways £183.39m for infringements of the GDPR – a record fine and the largest seen in the UK and the EU. This action by the ICO demonstrates that they are prepared to enforce the GDPR and levy significant fines.

GDPR 72

GDPR Privacy Data breaches Risk 72

IT Governance

SEPTEMBER 17, 2019

We have good news for those looking for help complying with the GDPR (General Data Protection Regulation) : new guidance has been released on how to create effective data privacy controls. ISO 27701 and ISO 27001: privacy vs security. ISO 27701 and the GDPR. However, they aren’t identical.

Data Privacy 75

Data Privacy GDPR Compliance Privacy 75

Collibra

FEBRUARY 25, 2021

The General Data Protection Regulation (GDPR) mandates businesses to make provisions for EU citizens to exercise their right to access and control their personal data, including the export of personal data outside the EU. The GDPR impacts both data controllers (legal entities such as companies) as well as data processors (SaaS providers).

GDPR 40

GDPR Compliance Personal data Data Privacy 40

IT Governance

NOVEMBER 14, 2018

Data controllers and data processors are an integral part of the GDPR. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised. That’s understandable. The basics. Responsibilities of the data processor.

GDPR 95

GDPR Retail Data collection Personal data 95

Schneier on Security

OCTOBER 3, 2018

The EU's GDPR regulation requires companies to report a breach within 72 hours. Alex Stamos, former Facebook CISO now at Stanford University, points out how this can be a problem: Interesting impact of the GDPR 72-hour deadline: companies announcing breaches before investigations are complete. Last week's Facebook hack is his example.

GDPR 99

GDPR IT 99

IT Governance

MAY 17, 2022

Cyber security audits are a vital component of an organisation’s defences against data breaches and privacy violations. By probing organisations’ systems and services, an auditor can identify security weaknesses, and determine whether their practices comply with relevant laws, such as the GDPR (General Data Protection Regulation).

IT 117

IT Security Data breaches GDPR 117

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process.

GDPR 60

GDPR Personal data Privacy Manufacturing 60

Data Matters

DECEMBER 9, 2019

Recently, the Association of German Data Protection Authorities (“ Datenschutzkonferenz ” or “DSK”) issued guidelines setting a GDPR fining methodology (“Fining Methodology”). GDPR enforcement across the EU has picked up over the past year. 5-Step Process.

GDPR 60

GDPR Personal data Privacy Manufacturing 60

IT Governance

NOVEMBER 7, 2019

All organisations need help complying with the GDPR (General Data Protection Regulation). Let’s take a look at what it covers and how it simplifies your GDPR requirements. vsRisk Cloud , for conducting information security risk assessments. vsRisk Cloud , for conducting information security risk assessments.

GDPR 67

GDPR Compliance Risk Cloud 67

DLA Piper Privacy Matters

MARCH 7, 2023

Authors: Andreas Rüdiger , Philipp Adelberg On 14 February 2023, the European Data Protection Board (“ EDPB ”) published the updated and final version of its Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR ( EDPB Guidelines 05/2021 ).

GDPR 52

GDPR Personal data Risk Access 52

IT Governance

NOVEMBER 24, 2021

But as is often the case with technological solutions, the benefits of convenience comes with security risks. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them. Data breaches.

Cloud 126

Cloud Risk Security Data breaches 126

IT Governance

JULY 25, 2018

One overlooked side-effect of the GDPR (General Data Protection Regulation) is the extent to which data privacy and information security have become widely discussed. For example, the below screenshot shows a friend asking me about a suspicious link.

GDPR 52

GDPR Phishing Security Data Privacy 52