Centraleyes Privacy Framework (CPF)

| | security
What is the CPF? The Centraleyes Privacy Framework (CPF) is a comprehensive compliance tool designed to help organizations adhere to the diverse privacy regulations that are individual to each state in the United States. As of now, these states are California, Colorado, Connecticut, Virginia, Utah, Washington, Nevada, New York, Massachusetts, ... Read More

Florida Digital Bill of Rights (FDBR)

| | Compliance
What is the Florida Digital Bill of Rights (FDBR)? The Florida Digital Bill of Rights (FDBR) is a comprehensive data privacy law that will take effect on July 1, 2024. It consists of three sections addressing data privacy obligations for businesses, protections for children online, and government control over social ... Read More

Nevada Privacy Act

| | Compliance
What is the Nevada Privacy Act? The Nevada Privacy Act (NPA), also referred to as NRS 603A, is a state-specific data privacy framework aimed at enhancing the protection of personal data for Nevada residents. Enacted in 2019 and subsequently amended, this law imposes obligations on businesses operating in Nevada to ... Read More

Iowa Consumer Data Protection Act (ICDPA)

| | Compliance
What is the Iowa Consumer Data Protection Act (ICDPA)? The Iowa Consumer Data Protection Act (ICDPA) is a data privacy law set to take effect on January 1, 2025. This framework is relevant to businesses that control or process the personal data of at least 100,000 Iowa residents or derive ... Read More
Snowflake Breach Snowballs

Snowflake Breach Snowballs

In a concerning turn of events, a breach in Snowflake’s cloud storage system has resulted in a significant data breach at Advance Auto Parts, a leading automotive aftermarket parts provider. Threat actors, exploiting vulnerabilities in Snowflake’s platform, have gained unauthorized access to sensitive customer and employee data, prompting urgent calls ... Read More

AI Governance

| | security
What is the Centraleyes AI Governance Framework? The AI Governance assessment, created by the Analyst Team at Centraleyes, is designed to fill a critical gap for organizations that use pre-made or built-in AI tools. While many official assessments focus on helping developers secure AI systems, our assessment provides a tailored ... Read More
Cybersecurity in Sports: A New Arena for Risk Management

Cybersecurity in Sports: A New Arena for Risk Management

In the high-stakes world of professional sports, the action isn’t just on the field. Behind the scenes, a digital battle rages as cybercriminals target teams, players, and fans. According to a recent Reuters report, here’s why the sports industry is on high alert and how it’s fighting back.  Alarming Surge ... Read More

ISO 42001

| | Compliance, security
What is ISO 42001 (AI)? Artificial intelligence (AI) has emerged as a transformative technology, imbuing machines with human-like intelligence to perform tasks across various domains. However, with its exponential growth comes a pressing need for governance and regulation to ensure its responsible and ethical deployment. ISO 42001, the world’s pioneering ... Read More

NIS2

| | Compliance
What is NIS2? NIS2 is a high-level directive, strengthening cybersecurity. To enhance Europe’s resilience against existing and emerging cyber threats, the NIS2 Directive introduces new requirements and obligations for organizations in four key areas:  1. Risk Management: Organizations are mandated to implement measures aimed at minimizing cyber risks in alignment ... Read More

What is NIST AI RMF?

| | security
As artificial intelligence gains traction and becomes increasingly more popular, it is critical to understand the risks that apply to companies who are creating AI tools. As NIST explains, the main risks associated with developing an AI system are not the same as the risks that can impact traditional software ... Read More