Should U.S. Companies Be GDPR Compliant? Yes!

GDPR is now the standard industry best-practice, so if you are not taking the steps outlined in this regulation, your data protection approach will be viewed as out-of-date, incomplete, and possibly negligent. In our global, digital village, you need to incorporate standards from around the world into your information security systems.

How About Treating Everyone’s Data As If It Were Your Own?

With May 25 looming, preparing for compliance with the European Union (EU) General Data Protection Regulation (GDPR) is an unavoidable necessity for businesses – and an important act of social responsibility.

GDPR Is Coming Fast – Are You Ready To Catch This Train?

When the European Union’s General Data Protection Regulation (GDPR) becomes enforceable on May 25, 2018, many firms in the US will still not be prepared to meet the needs of the regulation – but the penalties for non-compliance are significant for businesses.

GDPR Will Have A Big Impact On Small And Medium Business - Part 3

Welcome to the last of our three-part GDPR series. In this post we’ll dive deeper into a few more key concepts, like individual rights, data controllers vs. data processors (and how you can determine which one you are), and the new 72-hour rule for data breach reporting.

GDPR: Do Not Forget About PII Data In Your Non-Production Environment Such As Legacy, Archive, Development, And Test

On May 25, 2016, the GDPR (General Data Protection Regulation) became law in 28 European countries, marking the arrival of the biggest piece of legislation ever created on a global scale. We are now rapidly approaching the date when enforcement of the new law will commence in 2018. The most important and significant thing to remember about the regulation is its global scope — this means that wherever you are in the world, if you hold or process personal data of Europeans, then you and your company must comply.

GDPR Will Have A Big Impact On Small And Medium Business - Part 2

In Part One of our three-part series, we started with a basic overview of who GDPR applies to and the definition of personal data under GDPR. Here in Part Two we will discuss key elements such as consent and online data technologies, privacy notices and cross border transfers. Part Three will dive into understanding individual rights and the obligations of a data controller and data processor.

GDPR - Other Governments Will Follow The EU’s Example

We’re living in a new era of cyber-threats - and governments have started to take notice. To protect the information of their citizens, they’re implementing new regulations that hit businesses where it really hurts. Here’s what you need to know.

GDPR Will Have A Big Impact On Small And Medium Business - Part 1

GDPR is a complex regulation comprised of 99 articles. In this three-part series, we’ll break down the components of GDPR starting with an overview of the regulation and why you need to start preparing now. Part 2 will discuss some of the key elements including obtaining valid consent, online data technologies, privacy notices and cross border transfer. Part 3 will dive deeper into understanding the obligations of a Data Controller and Data Processors, individual rights, and the 72-hour data breach notification requirement.

Complying With GDPR Might Require Some Rescue Operation

Preparing for the GDPR leads to many questions for compliance teams, like, can we identify and monitor all websites collecting PII on behalf of our company? Are those collection points secure? Are they accompanied by compliance statements and controls? RiskIQ explores these potential issues and offers tips on how to address them.

Breach Notification Rule? GDPR 72 hrs - Equifax took 40 DAYS

Equifax took 40 days to report its breach, which is arguably morally incorrect and unacceptable in today's world. The EU GDPR has a 72-hour breach notification rule. Following the GDPR's example, we recommend a more unified approach.

GDPR: Workflow Processes Can Help With Data Management

The GDPR is a de facto mandate for every company to invest in process automation software. How can business workflows help with privacy compliance? Read to learn more.

The Reports of FTP Death are Greatly Exaggerated

Reports of the death of File Transfer Protocol (FTP) have circulated ever since the Debian Project announced it was sunsetting the popular and long-lived protocol on November 1 later this year. Don't believe it.

Experts Panels On Security And Privacy At ISSA-LA Summit #9

ISSA-LA presents two women in security and technology panels. The first panel explores information security, IT and other technology-oriented positions as they relate to attracting, recruiting, and maintaining diverse talent. And the second panel focuses on a different kind of inclusion: security versus privacy in the cybersecurity space.

Cybersecurity Tips For Financial Services Firms

There are some key things that a financial services firm needs to care about when it comes to security: Ashwin Krishnan offers his expert advice to help financial services firms develop their information security practice.

What is (EU) 2016/679 and Why US Companies Should Care - A LOT - About It?

Familiar with the ‘General Data Protection Regulation' (GDPR) but not exactly sure what it entails? This piece explains that the GDPR is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU).