Reading Time: 5 minutes The GDPR in Europe was one of the first major data privacy regulations to be implemented in recent times, followed closely by the CCPA in the United States. And since its enforcement, GDPR has been seen as the “gold… Read More

Reading Time: 2 minutes The primary reason most organizations look at classifying the data they create and handle is to control access to sensitive information, driven by the need to manage security risk, and comply with data protection regulations such as GDPR, CCPA,… Read More

Reading Time: 4 minutes In July, NIST released draft versions of two new publications: NIST SP 800-171 Revision 2: Protecting Controlled Unclassified Information in Non-federal Systems and Organizations and NIST SP 800-171B: Protecting Controlled Unclassified Information in Non-federal Systems and Organizations: Enhanced Security… Read More

Reading Time: 2 minutes The creation of a new NYDFS division to review and respond to cybersecurity events and enforce policy around financial crimes could lead to increased oversight under the department’s watershed Cybersecurity Rule (23 NYCRR 500). A new division within New… Read More

Reading Time: 4 minutes On June 28, 2018, the California Consumer Privacy Act of 2018 (CCPA) was signed into law. The CCPA provides consumers who are residents of California a number of rights and unless the date of implementation is amended by California… Read More