Medium and large organizations that operate in the European Union (EU) have just months to comply with NIS2, the EU’s latest and most stringent piece of cybersecurity legislation yet. Here, we’ll explore how data loss prevention (DLP) can help businesses meet NIS2 compliance requirements before the October deadline. Key focus areas of NIS2 NIS2’s requirements […]
Data security news & resources
What does the NIST Cybersecurity Framework 2.0 say about data loss prevention?
The National Institute of Standards and Technology (NIST) has released the latest iteration of its renowned Cybersecurity Framework (CSF), designed to help organizations mitigate cybersecurity risk. The new CIST CSF 2.0 is aimed at organizations of all sizes in all sectors. What’s new in the NIST CSF 2.0? NIST initially released the CSF in 2014 […]
How to lower your cyber insurance premium in 2024
As the cost of data breaches rises year over year, many organizations look to cyber insurance to protect themselves from potential losses. Even in supplier contracts, more companies are now making cyber insurance a prerequisite to do business. However, cyber insurance is costly. Five years ago, obtaining coverage was easy and relatively cheap. But, today’s […]
4 questions CISOs need to consider before deploying generative AI
The boardroom conversations have begun. Your company’s CEO is eager to put generative AI into action. They know it’s vital to improving efficiency and productivity as well as maintaining competitiveness. But, they’ve also heard about the risks. Namely, hallucinations, data leakage and cyber-attacks. So, they turn to you: the company’s CISO. You, yourself, know that […]
NASA’s DLP program fails to lift off
Houston, we have a problem. NASA may have put men on the moon, but its privacy program is in need of some rocket fuel. That’s according to the aerospace agency’s Office of Inspector General (OIG), who recently reviewed NASA’s privacy program and found its data loss prevention (DLP) approach to be astronomically lacking. In an […]
Millions impacted by Dollar Tree supply chain breach
You might be confident in your cybersecurity posture, but if you don’t know how your suppliers approach data protection, you’re still at risk of a huge data breach. That’s precisely what happened to Dollar Tree. Over the weekend, the well-known discount retailer hit the headlines after falling victim to a supply chain cyber attack. And, […]
5 tips for CISOs to prepare for SEC cybersecurity compliance
In a landmark development that will reshape how public companies navigate cybersecurity risk, the US Securities and Exchange Commission (SEC) has given the green light to a set of rules that demand greater diligence in cybersecurity risk management, strategy, governance, and incident disclosure. As of December this year, public companies will be required to promptly […]
3 mistakes law firms make with Slack
In today’s fast-paced legal landscape, Slack has emerged as the go-to collaboration app for law firms worldwide. However, legal personnel often make a few all too common mistakes with this app that expose their companies to compliance gaps and hinder their ability to effectively manage sensitive information. Below, we’ll explore these mistakes in detail, offering […]
What is PCI DSS 4.0 and how does it impact banks’ data workflows?
PCI DSS is getting a long-awaited makeover and banking institutions need to take note. Sure, banks should be in a good stead to meet PCI compliance, given that they already have to contend with a range of strict data privacy regulations and auditing requirements, such as the GBLA, SOX and regular audits from the FDIC […]
What you need to know about the US National Cybersecurity Strategy
On March 2, 2023, the Biden administration announced the release of a new National Cybersecurity Strategy, outlining the government’s approach to strengthen cybersecurity governance, improve online safety for citizens and build a fortified digital ecosystem resilient to attacks. Whether your organization resides in the public or private sector, the National Cybersecurity Strategy will have implications […]
FISMA compliance: a comprehensive guide
The Federal Information Security Management Act (FISMA) is a United States federal law enacted in December 2002 under the E-Government Act. The act mandates federal agencies to develop, document and implement an information security program, considering both processes and systems controls, to “protect information and information systems from unauthorized access, use, disclosure, disruption, modification, or […]