Key Takeaways 2026 Update: Proposed Maine Online Data Privacy Act In March 2026, Maine lawmakers moved forward with a new proposal that could significantly expand privacy protections in the state. The proposed Maine Online Data Privacy Act would introduce a broader consumer privacy framework, moving beyond Maine’s existing law that ... Read More

The NIST 800-53 Revision 5 provides a catalog of security and privacy controls for information systems and organizations to protect organizations and ultimately, the US from a diverse set of risks, including the following threats. The NIST 800-53 controls are flexible and customizable and implemented as part of an organization-wide ... Read More

The global cost of cybercrime is projected to reach $10.5 trillion annually by 2025, up from $3 trillion in 2015.. Financial institutions, government agencies, and energy companies are among cybercriminals’ favorite targets, making the United Arab Emirates a top target for recent cyber security breaches. Fortunately, the UAE has achieved ... Read More

Two Foundational Frameworks: ISO 27001 and HIPAA With the growing number of risks in the information security space, a standardized approach is crucial to protecting an organization’s operations. Two foundational frameworks for data protection and security are HIPAA and ISO 27001. Given the completely different contexts of these two frameworks, ... Read More

Updated September 2024 Here’s an interesting fact about the Hawaii bill of rights: The Hawaii constitution lists the word “privacy” several times. Compare that to the U.S. Bill of Rights, which does not mention the word at all. According to the National Conference of State Legislatures, only 10 states have ... Read More

The last couple of years have seen a wave of state privacy law proposals across the United States. As of 2018, only California had passed a comprehensive privacy law. By late 2022, the federal government and 29 states were playing the game, with even more getting in line. Among this ... Read More

The purpose of PCI DSS is simply to ensure that all companies that accept, process, store or transmit credit card information, are careful to actively maintain a secure environment. The Payment Card Industry Data Security Standard (PCI DSS) was developed by the five major payment card brands that formed the ... Read More

What is a PCI Audit? The Payment Card Industry Data Security Standard, known widely as PCI DSS, is a set of security standards intended to ensure that ALL businesses who accept, process, store, or transmit credit card data do so in a safe manner. Established by the main major credit ... Read More

Podcasts have exploded in popularity over the past several years, and it’s not difficult to see why. A sort of natural evolution of the traditional radio show, podcasts make for perfect listening whether commuting or working from home.  And while many of these podcasts exist purely for entertainment purposes, many ... Read More

Compliance automation has never been more important as companies face frequently updated regulations and a growing cost of non-compliance.  A recent study found that the cost of non-compliance is 2.71 times higher than the cost of compliance. Therefore, organizations that invest in achieving and maintaining compliance will ultimately reduce their ... Read More