NIS 2 Compliance Deadline Approaches: What You Need To Know

On Oct. 17, the Network and Information Security 2 Directive takes effect. This means that relevant entities in industries such as energy, transport, water, healthcare, and digital infrastructure that carry out activities within the E.U. must comply with the relevant legislation. NIS 2, which was approved by the European Parliament in November 2022, aims to establish a consistent, minimum cybersecurity baseline across all E.U. member states, involving mandatory security measures and reporting procedures. Organisations subject…

How organizations can save CISOs amidst increasing federal regulations

In an effort to bolster data security and privacy practices amidst increasing cyberattacks, new data breach reporting rules enforced by the Federal Trade Commission (FTC) and Securities and Exchange Commission (SEC) have taken effect for various organizations and financial institutions. Since May 13, 2024, non-banking financial institutions (including mortgage brokers, payday lenders and tax preparation firms) must report data breaches to the FTC within 30 days of discovery. This new mandate, which is part of…

Unchecked AI threatens consumer privacy — Regulation is crucial

As artificial intelligence (AI) becomes increasingly embedded into society — at home and in the office — through virtual assistants, automated services and workplace productivity tools, there is a pressing need for regulatory guardrails and governance policies to protect consumer privacy and data rights. Corporate AI adoption presents organizations with a rising threat of potential privacy violations. Shockingly, 45% of surveyed organizations have experienced unintended data exposure when implementing AI systems — a harsh reality…

Workplace compliance considerations for California Senate Bill 553

The California Senate Bill 553 (CA SB 553), which went into effect on July 1, 2024, is a milestone in labor law legislation. The bill introduces new safety obligations for most businesses in California, aimed at addressing growing concerns around workplace violence. Specifically, CA SB 553 mandates the implementation of comprehensive workplace violence prevention plans (WVPPs). These plans must include procedures for identifying and addressing potential security risks, maintaining extensive and auditable records of each…

Workplace violence prevention: How to formulate a plan

Workplace safety remains a critical issue, impacting more than 1 million Americans each year. In response to the challenge that employees face, California enacted S.B. 553 last fall, mandating that employers with more than 10 employees in the state of California develop workplace violence prevention plans, along with other requirements, by July 1, 2024.  Laws like S.B. 553 are essential tools for safeguarding employees that ensure employers meet legal standards, implement preventive measures and foster a…

Beyond compliance theater: Crafting a compliance strategy that works

For too long, enterprises have engaged in a performance of “compliance theater” — superficial processes that create an illusion of governance, risk management and compliance (GRC) without actually safeguarding the organization. In today’s volatile cyber landscape and heightened regulatory environment, checkbox-style compliance leaves companies dangerously exposed. True compliance requires a paradigm shift from reactive, incident-driven efforts toward the proactive integration of GRC principles into the very fabric of business operations. Only through a cohesive, risk-based…

To pay or not to pay? Negotiating in the age of ransomware

In 2023, more than 2,200 networks across United States hospitals, schools and government organizations, as well as thousands of private businesses, were breached by cybercriminals. With another record-breaking year for ransomware and data extortion in the rearview mirror, organizations of all sizes are preparing for when they’ll need to make their big payout in 2024. But what if paying the ransom wasn’t the only way out?  There’s often room to negotiate with threat actors or,…

95% of organizations adjusted cybersecurity strategies this past year

A report from LogRhythm takes a closer look at the evolving digital landscape, revealing that within the last 12 months, 95% of organizations reported altering cybersecurity strategies in place. The research included a global survey, in which 1,176 security leaders and professionals across five continents responded. Key explorations of the report include budget allocation, available resources, preparedness and accountability for breaches, reporting abilities and the effectiveness of security communication. Considering there was a notable…

Navigate the new European AI Act and possible global standardization

No doubt, the European Union’s (EU) recently approved, comprehensive regulation act on artificial intelligence (AI) is an important milestone in the global effort to establish responsible AI governance. This landmark legislation establishes a robust legal structure, setting stringent standards for AI development and usage within the EU, with the aim of nurturing a climate where businesses and investors can innovate with confidence, knowing their AI systems must adhere to principles of safety, transparency, equity and…

Safely unlocking the value of clinical data
