Harnessing the Power of GRC Software for Enhanced Business Resilience and Compliance
Have you ever tried to fix a leaky faucet only to discover that the whole plumbing system is outdated? I sometimes feel that way about the world of GRC systems. I remember working with a company that had been using the same IT system for over a decade. The fear ... Read More
UK Data Centres Crowned Critical National Infrastructure
The UK government has elevated data centres to the status of “Critical National Infrastructure” (CNI), putting them in the same league as power grids and water supplies. This announcement follows the announcement earlier this year of major investments in UK data centres. DC01UK has proposed a £3.75 billion ($4.88 billion) ... Read More
FFIEC Will Sunset the Cybersecurity Assessment Tool: Everything You Need to be Prepared
The Federal Financial Institutions Examination Council (FFIEC) has officially announced that its Cybersecurity Assessment Tool (CAT) will phase out by August 31, 2025. Launched in June 2015, the CAT has helped financial institutions assess and improve their cybersecurity posture. However, with cybersecurity threats constantly evolving, the FFIEC has decided it’s ... Read More
FIPPA: Understanding Canada’s Information and Protection Privacy Law
In today’s data-driven world, protecting personal information and the right to access government records are fundamental to ensuring transparency and privacy. Canada’s Freedom of Information and Protection of Privacy Act (FIPPA) is a key piece of legislation that balances these two critical aspects. Whether you’re a concerned citizen, an organization, ... Read More
White House and CISA Double Down on Securing Open Source Software: A New Era of Vigilance
In April, the tech world faced a concerning incident involving XZ Utils, a widely used open-source compression tool. A maintainer under the alias Jia Tan inserted a backdoor into a beta version, potentially granting hackers full control if it had gone live. Luckily, it was discovered before any harm was ... Read More
Understanding British Columbia’s Personal Information Protection Act (PIPA)
What is BC PIPA? In today’s digital age, privacy has become a crucial concern for individuals and organizations alike. British Columbia (BC) is at the forefront of protecting personal information through its Personal Information Protection Act (PIPA). This law is the cornerstone of data protection in the province, regulating how ... Read More
Risk Register Templates: Enhancing Your Risk Management Strategy
In a world full of uncertainties, how do you keep your business risks in check? Today, we’re exploring risk register templates and how they can supercharge your risk management strategy. What is a Risk Register? First things first, let’s define what a risk register is. A risk register is a ... Read More
Colorado New AI Act: Everything you Need to Know
On May 8, 2024, the Colorado House of Representatives passed SB 205, a landmark law regulating artificial intelligence (AI). This bill, which had already cleared the state Senate on May 3, positions Colorado as the first state in the nation to introduce comprehensive AI legislation. With Governor Jared Polis’s decision ... Read More
Updating Security Metrics For NIST CSF 2.0: A Guide To Transitioning From 1.0 To 2.0
The NIST Cybersecurity Framework (CSF) has long served as a cybersecurity cornerstone, offering a structured approach to managing and improving cybersecurity risk. With the release of NIST CSF 2.0, organizations are poised to benefit from updated guidelines that reflect the latest cybersecurity practices and challenges. Understanding NIST CSF 2.0 The ... Read More
Massive Data Breach Exposes Personal Information of Billions
A data breach at National Public Data, a relatively obscure but widely connected company, has exposed 272 million Social Security numbers. This breach, reminiscent of the 2017 Equifax breach but on an even larger scale, has sent shockwaves through the security sector. Hackers infiltrated National Public Data’s systems, accessing a ... Read More