Data security news & resources

Today’s organizations are investing in cybersecurity controls and technologies more than ever before. It’s easy to understand why. Data breaches and compliance fines aren’t just inconveniences in the modern world of business. They’re potential points of failure. A wide scale security incident can completely erode customer trust and the bottom line, putting some organizations out […]

In 2024, human error continues to be the number one cause of data breaches, leaks and compliance fines in the enterprise. Despite organizations consistently investing in cybersecurity awareness training, something is going amiss: employees aren’t learning.  For CISOs and their teams, the fallout of ineffective training programs can be severe. Many training initiatives are expensive, […]

On March 29, 2024, the California Privacy Rights Act (CPRA) will come into effect, marking a new era of data privacy requirements for businesses operating in California.  The CPRA aligns California’s data privacy regulations more closely with the European Union’s General Data Protection Regulation (GDPR), putting stringent expectations on companies regarding how they collect, use, […]

Medium and large organizations that operate in the European Union (EU) have just months to comply with NIS2, the EU’s latest and most stringent piece of cybersecurity legislation yet.  Here, we’ll explore how data loss prevention (DLP) can help businesses meet NIS2 compliance requirements before the October deadline.  Key focus areas of NIS2 NIS2’s requirements […]

The National Institute of Standards and Technology (NIST) has released the latest iteration of its renowned Cybersecurity Framework (CSF), designed to help organizations mitigate cybersecurity risk.  The new CIST CSF 2.0 is aimed at organizations of all sizes in all sectors. What’s new in the NIST CSF 2.0?  NIST initially released the CSF in 2014 […]

Organizations operating in the European Union (EU) must make important security strides in the next few months because the second iteration of the Network and Information Security directive (NIS2) will become part of law across EU member states in October.  NIS2 introduces stringent cybersecurity requirements for medium and large-sized organizations in certain sectors that operate […]

On December 26, 2023, the department of defense (DoD) announced the proposed rule for CMMC 2.0, which is open for comments until February 26, 2024.   If you’re an organization that works with the DoD, it’s time to start preparing for CMMC 2.0 compliance.  What is the difference between CMMC 1.0 and CMMC 2.0? In 2020, […]

Houston, we have a problem. NASA may have put men on the moon, but its privacy program is in need of some rocket fuel.  That’s according to the aerospace agency’s Office of Inspector General (OIG), who recently reviewed NASA’s privacy program and found its data loss prevention (DLP) approach to be astronomically lacking.  In an […]

It’s been 20 years since the National Institute of Standards and Technology (NIST) released its guidance on building enterprise security awareness and training programs. A lot has changed since then.  With new attack types, the advent of cloud applications, the work-from-anywhere era, and generative AI, NIST has realized that their previous idea of effective training […]

Imagine this scenario: Your sales team, in the midst of a hectic period, rushes to finalize a proposal for a crucial prospect. Strapped for time, they turn to ChatGPT for assistance, feeding it sensitive contract and company data to speed up the process. Seems harmless, right? Actually, the data your sales team entrusted to ChatGPT […]

Generative AI is the perfect embodiment of the double edged sword. Yes, the consensus is clear: tools like Bard and ChatGPT are sparking a surge in productivity in the enterprise, spanning cybersecurity, customer experience, sales and more. It’s a boon on one side of the spectrum. Now, let’s turn our attention to the other side—the […]