Blog and Information Security - Information Management Today

California Assembly Proposes Data Privacy Law for Workers

Hunton Privacy

MAY 26, 2022

As reported in the Hunton Employment & Labor Perspectives Blog : Assembly Bill 1651 , or the Workplace Technology Accountability Act, a new bill proposed by California Assembly Member Ash Kalra, would regulate employers and their vendors regarding the use of employee data.

Privacy

Privacy Data Privacy Access IT

Building cyber security careers

IT Governance

OCTOBER 21, 2021

Cyber security roles are often technical and require knowledge of the threat landscape, detection/monitoring, technical protection, risk management and cyber incident response. Information security is a broader category that protects all information assets, whether in hard copy or digital form.

Security

Security Information Security GDPR Data Privacy

US dismantled and seized SSNDOB cybercrime marketplace

Security Affairs

JUNE 8, 2022

An international operation led by the US authorities dismantled and seized the infrastructure of the online marketplace SSNDOB. According to the authorities, the SSNDOB Marketplace has listed the personal information for approximately 24 million individuals in the United States, generating more than $19 million USD in sales revenue. .”

Blockchain

Blockchain Marketing Sales Security

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Think: an online retailer that stores customers’ email addresses to send order updates. Special category data includes biometrics, health records, race, ethnicity, and other highly personal information.

GDPR

GDPR Compliance Personal data Privacy

Key steps to GDPR compliance – Part 3

IT Governance

DECEMBER 20, 2017

In the first two blogs we set out key steps for starting compliance projects, along with some IT Governance solutions should you need any extra help. This third and final blog covers steps 7–9. This includes record keeping of processing activities and consent, testing information security controls and conducting DPIAs.

GDPR

GDPR Compliance Data breaches Information Security

China Releases Draft Regulations on Network Data Security Management

Hunton Privacy

JANUARY 26, 2022

In this blog post, we discuss several of the key areas addressed by the Draft Regulations. The definition of “data handler” under the Draft Regulations is similar to that of “data controller” in other privacy laws, such as the EU General Data Protection Regulation (“GDPR”). Scope of Jurisdiction. Data Handler and Entrusted Party.

Security

Security Data breaches Personal data Cybersecurity

Why risk assessments are essential for GDPR compliance

IT Governance

OCTOBER 15, 2019

The goal of any information security risk assessment methodology is to make sure everybody conducting the assessment or interpreting its findings are on the same page. The international standard for information security contains a best-practice framework for evaluating risks and is closely aligned with the GDPR.

GDPR

GDPR Risk Compliance Personal data

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

Together, the new laws require the implementation of reasonable data security safeguards, expand breach reporting obligations for certain types of information, and require that a “consumer credit reporting agency” that suffers a data breach provide five years of identity theft prevention services for impacted residents.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

NOVEMBER 27, 2019

To secure SFC approval, the following summarized key requirements must be satisfied: 1) Key requirements where records are “exclusively” kept with EDSPs. ensuring information security to prevent unauthorized access, tampering or destruction of records. Eligibility requirements. Personnel requirements. by encryption).

Cloud

Cloud Access Information Security Risk

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations. Process special categories of data on a large scale. But that doesn’t mean they shouldn’t.

GDPR

GDPR Compliance Personal data Risk

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Data Matters

APRIL 6, 2022

The Division will examinate transfer agents who have not previously been examined and those that service microcap or municipal bond issuers, use novel technologies such as blockchain or online crowdfunding portal applications, or engage in significant paying agent activity.

Retail

Retail Compliance Sales Risk

U.S. states pass data protection laws on the heels of the GDPR

Data Protection Report

JULY 9, 2018

See our previous blog posts on GDPR here and here. See our earlier post on the California Consumer Privacy Act (“CCPA”) here. On the security front, as of March 2018, all 50 U.S. Virgin Islands, have enacted breach notification laws that require businesses to notify consumers if their personal information is compromised.

GDPR

GDPR Data breaches Personal data Insurance

When And How Cos. Should Address Cyber Legal Compliance

Data Matters

OCTOBER 30, 2017

Responsibility for corporate cybersecurity extends from the chief information security officer’s office, to the C-suite, to the corporate boardroom. With regard to phishing, vulnerabilities can arise when either employees or online users have been phished. What It Will Look Like With 20/20 Hindsight.

Compliance

Compliance Cybersecurity Risk Government

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

We have shared below some interesting points that we’ve seen arising recently, all of which relate to how things are likely to develop from today onwards, including enforcement predictions, challenges related to operationalizing data subject access procedures, and how the GDPR may change the data privacy litigation landscape in Europe.

GDPR

GDPR Personal data Compliance Data breaches

Summary – “Industry in One: Financial Services”

ARMA International

NOVEMBER 7, 2019

The major categories of financial institutions include central banks, retail and commercial banks, investment banks, investment companies, brokerage firms, internet banks, credit unions, and savings and loans associations. financial institutions. Risk Management and RIM.

Financial Services

Financial Services Communications Compliance Risk

Past, present, and future of the Dark Web

Security Affairs

MAY 16, 2019

Let’s also include all information by the IOT devices that are connected online by that that cannot be accessed for obvious reasons. that refer to ideological and collective movements, due to the greater number of Anarchist derivations, but there are also movements that promote the defense of online privacy.

Honeypots

Honeypots Marketing Access Military

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Information security is not yet a science; outside of the handful of issues falling under the field of cryptography, there is no formalized system of classification. The most prepared cybersecurity programs of today will not attempt to implement a static, “out-of-the-box” solution to cyber risk.

Cybersecurity

Cybersecurity Risk Passwords Authentication

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. I'm giving you a short extract of the story and the link to the whole article is below.

Phishing

Phishing Security Artificial Intelligence Security awareness

Information Management Today

California Assembly Proposes Data Privacy Law for Workers

Building cyber security careers

Trending Sources

US dismantled and seized SSNDOB cybercrime marketplace

How to implement the General Data Protection Regulation (GDPR)

Key steps to GDPR compliance – Part 3

China Releases Draft Regulations on Network Data Security Management

Why risk assessments are essential for GDPR compliance

New York Enacts Stricter Data Cybersecurity Laws

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

What UK charities need to know about GDPR compliance

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

U.S. states pass data protection laws on the heels of the GDPR

When And How Cos. Should Address Cyber Legal Compliance

GDPR is upon us: are you ready for what comes next?

Summary – “Industry in One: Financial Services”

Past, present, and future of the Dark Web

An Approach to Cybersecurity Risk Oversight for Corporate Directors

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

Stay Connected