regulations
TSA Issues Directive to Prevent Another Colonial Pipeline Attack
Following months of pushback from private industry, the Transportation Security Administration (TSA) reissued a revised version of its cybersecurity directive for oil and natural gas pipeline owners and operators. The directive follows ...
Why is Data Privacy an Immediate Enterprise Priority?
In the past ten years, the rise of privacy-conscious consumers and emerging data regulations have compelled enterprises to prioritize their data management programs. Read more to learn how data privacy has become ...
Cars in the Crosshairs: Automakers, Regulators Take on Cybersecurity
If I were to ask you to imagine someone hacking a car, what’s the first thing that comes to mind? Let me guess: You’re picturing someone wearing a black hoodie and a ...
Gov’t Cybersecurity Standards Not Enough to Protect Consumers
The EU’s proposed Cyber Resilience Act, which would introduce cybersecurity standards and regulations for all products and connected devices, is not enough to actually mitigate the increasing risk of cyberattacks. There is ...
CISO Stories Podcast: Which Approach Wins – Compliance or Risk?
Cybersecurity programs have evolved from the early days of compliance with regulations. Regulations are important and provide the necessary motivation for many organizations to implement security controls that may not otherwise be ...
Privacy in Q2: In Like a Lion, Out Like a … Lion
For a while, privacy in Q2 was looking like it would follow the season’s idiomatic rule: in like a lion, out like a lamb. But it came roaring back in June with ...
Everything You Should Know About the HIPAA Enforcement Rule
With the regular and much needed update to critical standards such as HIPAA, auditors and compliance experts need to be continuously on their toes to review and acquaint themselves with these new ...
New Bill Could Force U.S. Businesses to Report Data Breaches Quicker
A bipartisan Senate bill would require some businesses to report data breaches to law enforcement within 24 hours or face financial penalties and the loss of government contracts. The legislation from Senate ...
NIST SP 800-172 (Formerly SP 800-171B) Release Couldn’t Come at a Better Time
NIST’s timely new release of Special Publication (SP) 800-172 (formerly referred to in draft form as 800-171B) provides exactly what its title says, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A ...
PCI DSS Compliance Flagged as Major Concern in Verizon Business Report
There was much anticipation from those within the finance and security industries to learn about the key findings from the Verizon 2020 Payment Security Report. Why? Because it highlights the key trends ...
