IT Governance

APRIL 12, 2022

Welcome to our first quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 266 security incidents between January and March 2022, which accounted for 75,099,482 breached records.

Data breaches 115

Data breaches Ransomware Government Retail 115

IT Governance

OCTOBER 26, 2021

Welcome to our third quarterly review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of cyber attacks and data breaches. IT Governance discovered 266 security incidents between July and September 2021, which accounted for 185,721,284 breaches records.

Data breaches 130

Data breaches Retail Government Ransomware 130

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Connecticut: An Act Concerning Data Privacy Breaches. Uniform Personal Data Protection Act.

Data breaches 88

Data breaches Privacy Personal data Data Privacy 88

IT Governance

JULY 11, 2022

Welcome to our second quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 237 security incidents between April and June 2022, which accounted for 99,019,967 breached records.

Data breaches 105

Data breaches Ransomware Phishing Government 105

Hunton Privacy

JANUARY 26, 2022

On November 14, 2021, the Cyberspace Administration of China (“CAC”) released for public comment its draft Regulations on Network Data Security Management (the “Draft Regulations”). In addition, the Draft Regulations add new requirements related to data processing activities. Data Handler and Entrusted Party.

Security 116

Security Data breaches Personal data Cybersecurity 116

IT Governance

JANUARY 20, 2022

Welcome to our review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 1,243 security incidents in 2021, which accounted for 5,126,930,507 breached records. How security incidents occurred.

Data breaches 144

Data breaches Ransomware Phishing Government 144

Hunton Privacy

JULY 9, 2020

On July 1, 2020, the Dubai International Financial Centre (“DIFC”) Data Protection Law No. Data Protection Principles: The New DP Law sets out requirements for processing that are largely identical to the data protection principles under the GDPR. 5 of 2020 came into effect (“New DP Law”). The New DP Law replaces DIFC Law No.

Personal data 127

Personal data GDPR Data breaches Compliance 127

IT Governance

JULY 10, 2023

Welcome to our second quarterly review of cyber attacks and data breaches for 2023. In this article, we take a closer look at the information gathered in our monthly list of security breaches , and delve into the infosec landscape over the past three months.

Data breaches 73

Data breaches Ransomware Encryption Government 73

IT Governance

NOVEMBER 28, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. We’ve also included more details on the top 3 biggest breaches of the week. The ‘enforcement’ and ‘other news’ categories remain unchanged. Breached records: 95,592,696.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

IT Governance

JULY 13, 2021

Welcome to our second quarterly review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of cyber attacks and data breaches. In this blog, we provide an overview of the security landscape in the past three months, and look at key statistics and observations.

Data breaches 98

Data breaches Retail Ransomware Government 98

IT Governance

APRIL 12, 2023

Welcome to our first quarterly review of security incidents for 2023, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. Overview IT Governance discovered 310 security incidents between January and March 2023, which accounted for 349,171,305 breached records.

Data breaches 59

Data breaches Ransomware Government Encryption 59

DLA Piper Privacy Matters

DECEMBER 3, 2021

The United Arab Emirates (“UAE”) has enacted its long awaited federal level data protection law. 45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. Definitions. This article examines some of its key features. What does the PDPL cover and who does it apply to?

Personal data 105

Personal data Data breaches GDPR Compliance 105

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. The company processes data on behalf of a company based in the EEA.

GDPR 84

GDPR Compliance Personal data Privacy 84

Data Matters

NOVEMBER 4, 2020

Changes to the Definition of Businesses Subject to the CPRA. The CPRA adjusts its definition of a “business” as defined by the CCPA; broadening the scope in some cases, and narrowing it in others. The CPRA expanded the definition of a business in several respects. However, in some cases, the definition of “business” is narrowed.

Privacy 122

Privacy B2B Sales Data breaches 122

Data Matters

JULY 14, 2022

As the year approaches its halfway point, Chinese government accelerates the legislation for cross-border data transfers. Certification Rules for Cross-Border Data Processing Activities Are Finalized. other matters that may impact the security of the personal information export. What is in the standard contract?

Compliance 97

Compliance Risk Data breaches Cybersecurity 97

eSecurity Planet

DECEMBER 22, 2021

But in order for businesses to maintain compliance with major privacy laws , they have to have security measures in place before an attack. The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them.

GDPR 144

GDPR Compliance Data Privacy Privacy 144

Data Protection Report

JANUARY 16, 2020

CB(2) 512/19-20(03 ) (the Paper ) seeking views on changes to Personal Data (Privacy) Ordinance (Cap.486) The Paper sets out six proposed amendments to the PDPO: Introduction of a mandatory breach notification mechanism. Certainty around data retention periods. 486) (the PDPO ). how the retention period will be counted.

Paper 56

Paper Personal data Data breaches Privacy 56

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Data Protection Report

JUNE 27, 2019

While laws like the California Consumer Privacy Act (CCPA) are getting all the attention, many states are actively amending their breach notification laws. The Attorney General will also be permitted to publish information concerning breaches. Massachusetts ( HB 4806 ) – Massachusetts expands data breach notification obligations.

Data breaches 40

Data breaches Passwords Privacy Military 40

Data Protection Report

JANUARY 16, 2020

CB(2) 512/19-20(03 ) (the Paper ) seeking views on changes to Personal Data (Privacy) Ordinance (Cap.486) The Paper sets out six proposed amendments to the PDPO: Introduction of a mandatory breach notification mechanism. Certainty around data retention periods. 486) (the PDPO ). how the retention period will be counted.

Paper 40

Paper Personal data Data breaches Privacy 40

IT Governance

JULY 2, 2020

The Regulation came into effect on 25 May 2018, and was designed to strengthen the rights of EU residents regarding the way organisations process and use their personal data. First, the UK has implemented the UK DPA (Data Protection Act) 2018 , which adopts the GDPR into national law. What is personal data?

GDPR 111

GDPR Personal data Data breaches Compliance 111

Data Protection Report

FEBRUARY 28, 2020

The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Definition of Personal Data.

Personal data 93

Personal data Compliance Privacy Access 93

DLA Piper Privacy Matters

SEPTEMBER 10, 2021

The government has today published its eagerly awaited Consultation Paper on Reforms to the UK Data Protection Regime – ‘Data: A New Direction’ (“ Consultation Paper ”), setting out the specific areas for regulatory reform of the UK’s data protection regime.

Government 104

Government Paper Personal data GDPR 104

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. The codes created in cryptographic research are called cryptographic algorithms, or encryption algorithms, and the process of applying those algorithms to data is called encryption. How Does Encryption Process Data?

Encryption 112

Encryption IT Passwords IoT 112

eSecurity Planet

FEBRUARY 14, 2023

I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. Growth has definitely been robust.

Compliance 120

Compliance Security Cybersecurity Marketing 120

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

eSecurity Planet

OCTOBER 14, 2022

Sky Mavis has taken steps to improve its security. The risks are high as it’s a new, loosely regulated industry with many new technologies that may not be fully vetted or secured.”. The definition of Web3 is a bit fuzzy. Many users could control their own data. See the Top Data Loss Prevention (DLP) Solutions.

Cybersecurity 119

Cybersecurity Blockchain Insurance Security 119

Data Protection Report

JULY 9, 2018

states have recently introduced and passed legislation to expand data breach notification rules and to mirror some of the protections provided by Europe’s newly enacted General Data Protection Regulation (“GDPR”). On the security front, as of March 2018, all 50 U.S. data protection laws that were passed in the last year.

GDPR 40

GDPR Data breaches Personal data Insurance 40

Hunton Privacy

DECEMBER 7, 2017

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Personal Data Breach Notification (the “Guidelines”). Criteria to Consider in Assessing Breach Risk. Risk Assessment.

Data breaches 45

Data breaches Personal data GDPR Risk 45

Data Protection Report

FEBRUARY 21, 2018

As Data Protection Report posted on January 29, 2018 , lawmakers in Colorado are considering legislation that, if enacted, would significantly strengthen Colorado’s data privacy protections. Under HIPAA, healthcare organizations must report breaches within 60 days after a breach is discovered.

Data Privacy 40

Data Privacy Privacy Military Insurance 40

eSecurity Planet

AUGUST 31, 2022

To make better risk decisions, you need comprehensive vulnerability intelligence,” the report said, adding that security teams can maximize resources and reduce their immediate workload by 82 percent by first focusing on actionable, high severity vulnerabilities. Can the vulnerability cause a massive downtime or data breach?

Security 129

Security Risk Blockchain Metadata 129

Data Protection Report

NOVEMBER 14, 2023

1 The SEC investigation began following SolarWinds’ widely reported 2020 breach, which was felt throughout the US economy. 1 The SEC investigation began following SolarWinds’ widely reported 2020 breach, which was felt throughout the US economy.

Cybersecurity 115

Cybersecurity IT Risk Passwords 115

Data Protection Report

JULY 8, 2019

Following the now famous €50m fine imposed on Google LLC in January 2019, [1] the French Data Protection Authority (the CNIL ) published a decision taken on 28 May 2019 [2] imposing a fine of €400,000 on SERGIC, a company specialised in real estate development, purchase, sale, rental and property management.

GDPR 40

GDPR Personal data Compliance Security 40

Data Protection Report

JANUARY 6, 2020

2020 could well be a year of data export turmoil – so brace yourself! Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs.

Privacy 85

Privacy GDPR Data breaches Risk 85

eSecurity Planet

JULY 27, 2023

billion , according to data from Crunchbase. “The macroeconomic headwinds, the interest rate hikes, the persistent inflation as well as the collapse of several tech banks has definitely slowed down the pace of the cybersecurity investments since 2022,” said Umesh Padval, who is a venture partner at Thomvest Ventures.

Cybersecurity 98

Cybersecurity Marketing Cloud Artificial Intelligence 98

DLA Piper Privacy Matters

MAY 11, 2020

1, 2023, and move California privacy law a bit further in the direction of the EU General Data Protection Regulation. Create an operationally significant limited exception to deletion and access rights for many types of unstructured data. Amend the second threshold of the definition of a “business” to remove “devices.”

Privacy 52

Privacy Unstructured data Access Data collection 52

IT Governance

APRIL 25, 2023

Insider threats are one of the most difficult security challenges that organisations face. Preventing this from happening requires a nuanced approach to information security, and it’s one that organisations are increasingly struggling with. Insider threats fall into two categories: malicious or negligent.

Data breaches 105

Data breaches Phishing Personal data Access 105