Security vs. Compliance: What’s the Difference?

Security and compliance are often said in the same breath as if they are two sides of the same coin, two members of the same team or two great tastes that go ...

Big Data is Big Business: A Growing Trend of User Data Abuse and How to Protect Yourself

May 25, 2018 was the deadline for GDPR compliance. The media was abuzz. Businesses were rushing to update their privacy policy page. Companies were emailing newsletter subscribers to approve updated privacy policies ...

Computer System Security Requirements for IRS 1075: What You Need to Know

The IRS 1075 publication lays out a framework of compliance regulations to ensure federal tax information, or FTI, is treated with adequate security provisioning to protect its confidentiality. This may sound simple ...

NERC CIP Audits: Top 8 Dos and Don’ts

My time at NERC had me involved with quite a few projects over my seven-year career there. I was involved with CIP compliance audits, investigations, auditor training, and many advisory sessions. Typically, ...

The Next Milestone for the NYS DFS Cybersecurity Regulation is Approaching

The landmark NYS DFS cybersecurity regulation that took effect in New York State in March 2017 is approaching its third of four milestones. This was the first regulation of its kind that ...

The California Consumer Privacy Act of 2018 (AB 375): What You Need to Know

On June 28, California passed a sweeping data privacy law after only one week of work. Unless AB 375 (the California Consumer Privacy Act of 2018) is amended before its January 1, ...

The GDPR Deadline Has Passed – Now What?

I was listening to Jenny Radcliffe interviewing Sarah Clarke on The Human Factor podcast the other day. (If you haven’t tuned in to this podcast, you are definitely missing out on a ...

ICANN Still Working on Interim Compliance Model for GDPR

The Internet Corporation For Assigned Names and Numbers (ICANN) is still in the process of developing an interim compliance model to address concerns surrounding GDPR. In an earlier blog post, I mentioned ...

GDPR Is Coming, So What Now for WHOIS Domain Registration Data?

When the European Union General Data Protection Regulation (GDPR) comes into force on May 25, 2018, what will happen to currently-available domain registration data in WHOIS? The GDPR restricts how personal data ...

ISO 27001 and Why It Matters for Your Business

ISO 27001 is a set of standards for information security management systems (ISMS). Created by the International Organization for Standardization, an independent, non-governmental organization, ISO 27001 is a part of the broader ...