Comparing GDPR and CCPA

Reading Time: 5 minutes The GDPR in Europe was one of the first major data privacy regulations to be implemented in recent times, followed closely by the CCPA in the United States. And since its enforcement, GDPR has been seen as the “gold… Read More

Data Classification: The Cornerstone of Regulatory Compliance

Reading Time: 2 minutes The primary reason most organizations look at classifying the data they create and handle is to control access to sensitive information, driven by the need to manage security risk, and comply with data protection regulations such as GDPR, CCPA,… Read More

NIST 800-171B: New Draft Publication Reveals 33 Enhanced Security Requirements

Reading Time: 4 minutes In July, NIST released draft versions of two new publications: NIST SP 800-171 Revision 2: Protecting Controlled Unclassified Information in Non-federal Systems and Organizations and NIST SP 800-171B: Protecting Controlled Unclassified Information in Non-federal Systems and Organizations: Enhanced Security… Read More

More Cybersecurity Regulation Oversight Possible Under New NYDFS Division

Reading Time: 2 minutes The creation of a new NYDFS division to review and respond to cybersecurity events and enforce policy around financial crimes could lead to increased oversight under the department’s watershed Cybersecurity Rule (23 NYCRR 500). A new division within New… Read More

CCPA – The New Law Delivering GDPR-Style Privacy To California

Reading Time: 4 minutes On June 28, 2018, the California Consumer Privacy Act of 2018 (CCPA) was signed into law. The CCPA provides consumers who are residents of California a number of rights and unless the date of implementation is amended by California… Read More