Education, How To, Information Security and Risk

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

The risks are real, and the impact of cybersecurity events continues to grow. A cyber catastrophe may seem inevitable, but there are basic practices and actionable steps any healthcare organization can take to begin reducing the clear and present risk of being impacted by a cybersecurity event. Educate employees.

Passwords

Passwords Cybersecurity Education Phishing

Final Draft of EU AI Act Leaked

Hunton Privacy

FEBRUARY 1, 2024

Classification of AI Systems The AI Act will introduce a risk-based legal framework for AI in the European Union that classifies AI systems as follows: Prohibited AI Systems. AI systems that present unacceptable risks to the fundamental rights of individuals would be prohibited under the AI Act. High Risk AI Systems.

Risk

Risk Education Artificial Intelligence Insurance

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Trending Sources

Building cyber security careers

IT Governance

OCTOBER 21, 2021

The need for experienced and qualified cyber security professionals is a highlight of Cybersecurity Career Awareness Week , led by NICE (National Initiative for Cybersecurity Education). Information security is a broader category that protects all information assets, whether in hard copy or digital form.

Security

Security Information Security GDPR Data Privacy

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Cloud infrastructure entitlement management (CIEM): Manages compliance, risk, and security with controlled user, system, and app cloud resource access. Cloud native application protection (CNAP) platforms: Secure applications and cloud resources with cloud-native and integrated security.

Security

Security Cloud Cybersecurity Risk

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

But those aren’t the only laws or regulations that affect IT security teams. There are plenty of others to worry anyone with job titles that include terms like “compliance,” “privacy,” and “security,” from CSOs on down. See the Top Governance, Risk and Compliance (GRC) Tools. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

Don’t gift cyber attackers access to your organisation this Christmas

IT Governance

DECEMBER 11, 2019

Let’s take a look at some of the most common mistakes organisations make and how to address them. Some are quick fixes that you can sort out before you go away for the holidays, whereas other require a refined, systematic approach to information security. Educate your employees on cyber security risks.

Access

Access Passwords Education Information Security

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

See the top Governance, Risk & Compliance (GRC) tools. Proposed SEC Security Changes. Also read: What is Cybersecurity Risk Management? Therefore, we should examine each category and consider what the rules fundamentally request. for past events and the template of information required for those follow-up reports.

Cybersecurity

Cybersecurity Compliance Risk Communications

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

More and more, directors are viewing cyber-risk under the broader umbrella of corporate strategy and searching for ways to help mitigate that risk. Despite the plethora of cyber-risk guidance that has surfaced in recent years, however, there is no “silver bullet” for cyber incident response and prevention.

Cybersecurity

Cybersecurity Risk Passwords Authentication

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Armstrong Archives

DECEMBER 19, 2023

No matter the size of a business, a well-defined record retention policy serves multiple purposes: ensuring compliance with legal and regulatory requirements, aiding in efficient document management, and securing sensitive information. Each category will have different legal and operational retention requirements.

Compliance

Compliance Archiving Digital transformation Sales

7 steps to highly effective GDPR compliance

IT Governance

AUGUST 21, 2019

IT Governance has created a simple guide to help you understand how to achieve regulatory compliance and avoid disciplinary action. Identify and minimise risks that result from your data processing. To determine what’s appropriate, you should conduct a risk assessment. Educate and empower your employees to make better decisions.

GDPR

GDPR Compliance Personal data Access

What UK charities need to know about GDPR compliance

IT Governance

AUGUST 2, 2019

The Regulation treats charities in much the same way as any organisation, because although they’re not using personal data to make a profit, they still run the risk of data breaches and privacy violations. The UK government’s Cyber Security Breaches Survey 2019 found that one in five charities suffered a cyber attack last year.

GDPR

GDPR Compliance Personal data Risk

Less than two months to go until DSP Toolkit submission deadline

IT Governance

FEBRUARY 19, 2019

Staff awareness has been added as a requirement of the DSP Toolkit to tackle the risks that poor education around data handling poses to healthcare organisations. How to prepare for the DSP Toolkit. The templates are aimed at organisations across both ‘small’ and ‘large’ organisation categories (as defined by the DSP Toolkit).

GDPR

GDPR Compliance Government Information Security

UK ICO Publishes First Two Reports from its Data Protection Sandbox Pilot

Hunton Privacy

JULY 28, 2020

On July 23, 2020, the UK Information Commissioner’s Office (the “ICO”) published the first two reports of its Data Protection Regulatory Sandbox Beta phase (the “Beta phase”) involving projects by Jisc (a not-for-profit organization serving the higher and further education and skills sectors) and Heathrow Airport Ltd.

IT GDPR Personal data Compliance

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

The voices of third sector representatives (NGOs, foundations, and educational institutions) are considered by government officials when justifying policy positions and determining how resources and political capital are spent. Date/Time: Wednesday, April 12, @ 2:00 PM (ET) Can't attend live? Save My Spot! or UK government authority."

Phishing

Phishing Security awareness Cybersecurity Education

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

The CCPA officially went into effect on January 1, 2020, impacting over 40 million California residents and thousands of businesses who use personal information (PI) around the globe. Consumers can ask businesses what categories of their PI is being collected. Businesses must provide clear notice about categories of PI it collects.

Data Privacy

Data Privacy Privacy Government Compliance

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

KnowBe4

JULY 5, 2023

Take note of the card and digital safety measures recommended by your financial institution: There is a lot of misleading information about how people may protect themselves from fraud, but it is always preferable to follow your financial institution's recommendations on how to secure your money. Thanks for your email.

Phishing

Phishing Security awareness Passwords Computer and Electronics

What Should Be The Core Competencies For Cybersecurity For C-Suite

Cyber Info Veritas

JULY 18, 2018

Cybersecurity: A Business Strategic Risk For many organizations, cybersecurity is a long way from being a core competency. Most IT specialists, board directors, and C-suite executives aren’t too familiar with matters to do with information security.

Cybersecurity

Cybersecurity Ransomware Information Security Risk

The Hacker Mind Podcast: Tib3rius

ForAllSecure

JANUARY 11, 2023

Tib3rius from White Oak Security discusses his experience as a web application security pen tester, his OSCP certification, and how he’s giving back to the community with his Twitch , Youtube , and tools he's made available on GitHub. And again, I do think it’s important that we have people who are formally educated.

IT Security Access Education

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

APRIL 26, 2022

So there’s a need, a definite need, for information security professionals to have access to industrial control systems -- not virtual, but actual hands on systems -- so they can learn. In a moment I’ll introduce you to someone who is trying to do that--bring ICS equipment to security conferences.

Energy and Utilities

Energy and Utilities Manufacturing Risk IT

Information Management Today

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

Final Draft of EU AI Act Leaked

Webinars

Trending Sources

Building cyber security careers

Webinars

Network Security Architecture: Best Practices & Tools

Security Compliance & Data Privacy Regulations

Don’t gift cyber attackers access to your organisation this Christmas

New SEC Cybersecurity Rules Could Affect Private Companies Too

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

7 steps to highly effective GDPR compliance

What UK charities need to know about GDPR compliance

Less than two months to go until DSP Toolkit submission deadline

UK ICO Publishes First Two Reports from its Data Protection Sandbox Pilot

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

5 learnings from the “Meeting the CCPA Challenge” webinar

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

What Should Be The Core Competencies For Cybersecurity For C-Suite

The Hacker Mind Podcast: Tib3rius

The Hacker Mind Podcast: Hacking Industrial Control Systems

Stay Connected