Several years ago, the Federal Trade Commission (FTC) released a good video that is still highly relevent today. The video explains how companies can leverage NIST's Cybersecurity Framework to greatly improve security in their organization. In this article, we highlight the five key tenants from the framework and how they could have possibly prevented FTC action and penalties.
Equifax Inc. has agreed to sign a settlement with the FTC to pay at least $575 million, and potentially up to $700 million, related to the massive data breach in 2017 that impacted nearly 147 million people.
British regulators announced intentions to fine British Airways $230 million (£183m) for a data breach that impacted close to 500,000 customers.
Washington State legislators passed a new Data Breach bill, HB 1071, that strengthens data breach notification laws. The new law now includes the expansion of the definition of personal information and also reduces the breach notification deadline.
The European Parliament voted in favor of a massive database to unify and track biometrics data of EU and non-EU citizens, as part of approved Interoperability Legislation.
French data protection watch dog and data privacy agency, CNIL, has imposed nearly a $57 million fine against Google for violating GDPR privacy rules. This is the first time GDPR-related penalties have been imposed against a large U.S. technology company since GDPR was first made into law last year.
Critical vulnerabilities in a popular WordPress GDPR Compliance plugin was being exploited in the wild by hackers. WordPress since released version 1.4.3 that patched the critical flaws.
President Donald Trump signed the NIST Small Business Cybersecurity Act into law, legislation authored by U.S. Senators Brian Schatz (D-Hawai‘i) and James Risch (R-Idaho).
In case you missed it, the National Institute of Standards and Technologies (NIST) published a new guideline "An Introduction to Information Security" for individuals looking to get a better understanding of introductory information security best practices.
These 10 critical yet practical data security controls can help your small or mid-sized business safeguard sensitive data and be better prepared for the General Data Protection Regulation (GDPR), soon to…