• What Is the NIS 2 Directive and How Does It Affect You?

    The NIS Directive was adopted in July 2015 and implemented in the European Union on May 9, 2018. The directive published a series of cybersecurity requirements for operators of essential services and digital service providers. The aim was to enhance the security and resilience of critical infrastructure and services by enforcing a high common level…

  • From GDPR to CCPA – Staying Ahead of the Curve in a Rapidly Changing Regulatory Landscape

    In 1986, the United States enacted a vital piece of legislation known as the Computer Fraud and Abuse Act (CFAA) to address a rise in computer-related crimes. CFAA made many computer-based offenses illegal, including hacking, computer trespassing, unauthorized access to computers and computer networks, and using computers to commit fraud or access national security information.…

  • SOC1, SOC2, SOC3 – Understand What You Need

    Why does your business need compliance to grow? SOC compliance is crucial for those in service organizations. There are various compliance standards and accreditations that your business can work towards and attain, such as ISO 27001, NIST 800-53, and FedRAMP, just to name a few. But arguably the most widely recognized and respected is SOC,…

  • Cybersecurity and Data Protection Laws: EU Healthcare Businesses

    Businesses operating in the European Union are subject to the strictest data protection regulation in the world, the General Data Protection Regulation (GDPR). Unlike the United States, the EU doesn’t have an industry-specific cybersecurity law for the healthcare sector. However, healthcare organizations are subject to a new cybersecurity law for businesses in essential industries, known…

  • Cybersecurity and Data Protection Laws: US Financial Services and Insurance Firms

    Federal and state legislation say surprisingly little about how ordinary American businesses should manage their cybersecurity. However, financial services and insurance firms are not ordinary businesses. Because of their tendency to deal with sensitive personal data such as social security numbers, bank accounts and tax records, financial services and insurance firms are subject to a…

  • Cybersecurity and Data Protection Laws: US Healthcare Businesses

    Ordinary American businesses are legally obligated to tell consumers when there has been a data breach but are not obligated to have cybersecurity protection in place. However, healthcare organizations are not ordinary businesses. Because they deal with protected health information (PHI), healthcare organizations are subject to special cybersecurity and data privacy rules pertaining only to…
