IT Governance

FEBRUARY 14, 2024

The benefits of partnering with us, and our partner-exclusive event IT Governance launched its partner programme in 2017, which now includes more than 400 organisations. What else can partners expect from the event? Once a year, we also like to get all our partners in one room at our annual partner event.

Government 59

Government IT Sales Data Privacy 59

Security Affairs

MAY 27, 2022

Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. The researchers demonstrated how to inject two types of basic touch events, taps and swipes, into targeted locations of the touchscreen. The events allowed the researchers to control the devices (i.e.

Paper 144

Paper Libraries Passwords Authentication 144

eSecurity Planet

SEPTEMBER 23, 2022

Securities and Exchange Commission (SEC) strongly advised public companies to improve their cybersecurity. While the new security proposals have not yet become law, cybersecurity managers can begin to prepare metrics and audits that will not only help comply with those laws, but can also help create positive change now.

Cybersecurity 132

Cybersecurity Compliance Risk Communications 132

DLA Piper Privacy Matters

NOVEMBER 29, 2021

On 16 November 2021, the French data protection supervisory authority (the “CNIL”) published a practical guide (“Guide”) on Data Protection Officers (“DPOs”). The DPO is the key contact for the CNIL and data subjects. The CNIL notes that nearly 30,000 DPOs have been appointed in France, covering over 80,000 organizations.

GDPR 116

GDPR Compliance Personal data Communications 116

IT Governance

FEBRUARY 1, 2019

Follow our advice to successfully manage risks and respond to a variety of information security incidents. Under the GDPR (General Data Protection Regulation) , organisations have 72 hours from the moment they become aware of a breach to report the incident. Assess the affected data. DPOs: the key to data breach response.

Data breaches 99

Data breaches GDPR Personal data Compliance 99

DLA Piper Privacy Matters

AUGUST 23, 2021

In good news for organisations handling personal information, China’s Personal Information Protection Law (“ PIPL ”) was finalised on 20 August 2021, and will come into force on 1 November 2021. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

Lenny Zeltser

NOVEMBER 3, 2023

The notion that security is everyone’s responsibility in computer systems dates back to at least the early 1980s when it was included in a US Navy training manual and hearings in the US House of Representatives. Behind the pithy slogan is the idea that every person in the organization contributes to its security program.

Cybersecurity 100

Cybersecurity Security Authentication Compliance 100

Security Affairs

MAY 23, 2022

Nisos analyzed the data and determined that Fronton is a system developed for coordinated inauthentic behavior on a massive scale.” ” reads the analysis published by the security firm NISOS. “Two example lists of posting source dictionaries were included in the data. ru to 0day[.]llc. Pierluigi Paganini.

IoT 115

IoT Sales Security Cybersecurity 115

AIIM

JULY 24, 2018

Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. GDPR Compliance Starts with Data Discovery.

GDPR 83

GDPR Compliance Privacy Data Privacy 83

Hunton Privacy

DECEMBER 2, 2020

On November 25, 2020, the European Commission published its Proposal for a Regulation on European Data Governance (the “Data Governance Act”). The Data Governance Act is part of a set of measures announced in the 2020 European Strategy for Data , which is aimed at putting the EU at the forefront of the data empowered society.

Government 70

Government Personal data Compliance GDPR 70

Security Affairs

JULY 21, 2021

The platform lists coupons in multiple categories including health, travel, food, services, events. July 19, 2021 – The actor having the alias “ bl4ckt0r ” has published TicketClub Italy database with over 340,957 users for sale and released several meaningful data dumps which may confirm the breach.

Data breaches 105

Data breaches Sales Retail Phishing 105

Data Matters

NOVEMBER 4, 2020

Third, it creates a new category of businesses: those that voluntarily agree to be subject to the CCPA. Entities must annually buy sell, or share personal information of 100,000 consumers, not 50,000 as under the CCPA, to qualify as a business under the second prong of the test. New Rights for Sensitive Personal Information.

Privacy 122

Privacy B2B Sales Data breaches 122

Data Matters

JUNE 11, 2018

Although the prospect of federal legislation on data privacy remains uncertain, states appear to be stepping up the range of their activity on privacy and security. Though Vermont is one of the smallest states, it has been active in privacy regulation and, on May 22, 2018, enacted the first state-level measure aimed at data brokers. .

Privacy 60

Privacy Sales Data breaches Personal data 60

Security Affairs

JULY 30, 2019

– card issuer and financial corporation suffered a data breach that exposed personal information from more than 100 million credit applications. Thompson (33) is suspected to be responsible for the data breach. On July 17, 2019, Capital One was informed of the incident by a GitHub user who saw the post.

Data breaches 76

Data breaches Access Computer and Electronics IT 76

Hunton Privacy

MARCH 26, 2019

On March 14, 2019, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , the “Dutch DPA”) published a press release announcing its policy (in Dutch ) for calculating administrative fines (the “Policy”). The Dutch DPA divided qualifying infringements into three or four categories.

GDPR 55

GDPR Personal data Authentication Compliance 55

Security Affairs

APRIL 3, 2021

More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of their SSNs exposure. US bank Capital One notified a number of additional customers that their Social Security numbers were exposed in the data breach that took place in July 2019. Thompson for the security breach.

Data breaches 73

Data breaches Access Security IT 73

Security Affairs

APRIL 22, 2022

The Pwn2Own Miami 2022 is a hacking contest organized by Trend Micro’s Zero Day Initiative (ZDI) that focuses on demonstrating exploits for ICS systems belonging to the following categories: the OPC UA Server, Control Server, Human Machine Interface, and Data Gateway. Hope to see them in future events as well.

Cybersecurity 89

Cybersecurity Security IT Information Security 89

AIIM

MARCH 16, 2021

In addition to helping organize and classify content, Metadata enables good findability, can trigger workflow and transactional processes, reveals document usage patterns and history, and helps establish retention and disposition events. Metadata can consist of many types of data. Metadata elements can often be grouped into categories.

Metadata 163

Metadata ECM Customer Experience Analytics 163

Data Matters

JANUARY 8, 2020

The National Futures Association (NFA) then sent a blast email to all NFA members in these registration categories (on behalf of the CFTC), with the DSIO alerts attached, further emphasizing to NFA members the information requested by DSIO and the deadlines for providing such information.

Cloud 60

Cloud Communications Retail Privacy 60

Data Matters

AUGUST 21, 2019

The CCPA’s private right of action provision gives California residents the right to sue companies when their personal information is subject to unauthorized access and exfiltration, theft, or disclosure due to a company’s failure “to implement and maintain reasonable security procedures and practices.”.

Data breaches 68

Data breaches Privacy Information Security Security 68

Security Affairs

SEPTEMBER 15, 2020

“We found that the main increase came from DDos attacks (a category of malicious cyber-attacks employed to make an online service, network resource or host machine unavailable to its intended users on the Internet).” The cause of the surge were DDoS attacks, typically deployed by hacktivists. Pierluigi Paganini.

Education 96

Education Ransomware Security IT 96

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. GDPR: What’s the difference between personal data and sensitive data?

GDPR 71

GDPR Risk Compliance Personal data 71

Data Protection Report

FEBRUARY 21, 2018

As Data Protection Report posted on January 29, 2018 , lawmakers in Colorado are considering legislation that, if enacted, would significantly strengthen Colorado’s data privacy protections. On Wednesday, February 14, 2018, an amended bill passed unanimously in Colorado’s House Committee on State, Veterans and Military Affairs.

Data Privacy 40

Data Privacy Privacy Military Insurance 40

eSecurity Planet

DECEMBER 9, 2021

We make IT, security, or any business decision by weighing the risks and the rewards. Or as is often the case with security, what costs can we skip and still escape big penalties later? Unfortunately for those of us indulging in wishful thinking, the likelihood and costs of data breaches continue to increase.

Insurance 125

Insurance Ransomware Data breaches Cloud 125

AIIM

JANUARY 17, 2018

You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. GDPR Compliance Starts with Data Discovery. Step 1: Data Discovery.

GDPR 83

GDPR Compliance Data collection Privacy 83

Data Matters

NOVEMBER 13, 2020

The publication of the EC’s Draft comes just one day after the European Data Protection Board (EDPB) published its draft recommendations describing how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the Schrems II ruling.

Personal data 68

Personal data GDPR Privacy Compliance 68

Hunton Privacy

OCTOBER 5, 2017

Last week, at the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong, data protection authorities from around the world issued non-binding guidance on the processing of personal data collected by connected cars (the “Guidance”).

Privacy 60

Privacy Personal data Data collection Data Privacy 60

Data Matters

FEBRUARY 10, 2022

On Monday, January 24, 2022, in a speech at the Northwestern University Pritzker School of Law annual Securities Regulation Institute conference, Gary Gensler, Chair of the U.S. He also signaled the SEC’s continued focus on enforcement and cooperation with other law enforcement agencies. Best Practices for Public Companies.

Cybersecurity 88

Cybersecurity Marketing Risk Compliance 88

Hunton Privacy

JUNE 22, 2018

For example, if enacted, the Bill would require businesses to disclose ( e.g. , in its Privacy Notice) the categories of personal information it collects about California consumers and the purposes for which that information is used. If enacted, the Bill would take effect January 1, 2020.

Privacy 45

Privacy Sales Data breaches IT 45

Hunton Privacy

SEPTEMBER 13, 2016

10173, known as the Data Privacy Act of 2012 (the “IRR”). Some points of interest that have been resolved or finalized include the following: The IRR has two separate defined terms, “personal data” and “personal information,” but the potential discrepancy between the two terms has been resolved.

Data Privacy 61

Data Privacy Privacy Personal data Data breaches 61

Data Matters

OCTOBER 30, 2017

When a company experiences a major data breach or hacking incident, media attention turns to speculation or allegations about the company’s past history of underinvesting in cyber defenses, its supposed culture of cyber complacency, or its history of unaddressed (but, in retrospect, allegedly clear) vulnerabilities. 1] The U.S.

Compliance 60

Compliance Cybersecurity Risk Government 60

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. Step 1: Appointing a Data Protection Officer (“DPO”) or “Pilot”. Step 2: Data Mapping.

GDPR 75

GDPR Personal data Compliance Privacy 75

Data Matters

APRIL 6, 2022

Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. Microcap, Municipal, Fixed Income, and Over-the-Counter Securities. On March 30, 2022, the U.S. Broker-Dealer and Exchange Examination Program.

Retail 88

Retail Compliance Sales Risk 88

IT Governance

JULY 26, 2018

But despite increased excitement and relaxed engagement online, it’s important to remember that your media-rich content requires its own SPF (security protection factor) to defend against a costly data-breach burn… especially during the holiday months when your workforce is reduced and your resources are limited. What is Timehop?

Data breaches 53

Data breaches GDPR Personal data Government 53

Data Matters

JULY 15, 2020

Depending on the business model of the firm and the services it plans to offer, it may wish to use a combination of the options discussed above for different products or categories of customers. which entity retains the customer relationships in the event the joint venture is terminated. Data security. termination rights.

Compliance 68

Compliance Marketing Risk Privacy 68

Hunton Privacy

DECEMBER 20, 2017

The Guidelines aim to provide practical guidance and clarification on the transparency obligations introduced by the EU General Data Protection Regulation (“GDPR”). The transparency obligations require controllers to provide certain information to data subjects regarding the processing of their personal data.

GDPR 62

GDPR Personal data Privacy Communications 62

The Last Watchdog

FEBRUARY 21, 2022

The risks are real, and the impact of cybersecurity events continues to grow. A cyber catastrophe may seem inevitable, but there are basic practices and actionable steps any healthcare organization can take to begin reducing the clear and present risk of being impacted by a cybersecurity event. Evaluate data inventory.

Passwords 214

Passwords Cybersecurity Education Phishing 214