Are we ready to be a society in the cloud?

We just got our daily update from JDSupra (still LOVE THEM!) titled "California's Shine the Light...

Data Centric Security and EU General Data Protection Regulation (GDPR)

While 15% of EU citizens report not trusting businesses with their information, they also lack the...

Data in the Cloud - Explicit consent, Right of portability, Right to be forgotten

How old is your Facebook picture? (No, don't tell me, I don't care.) How much of our privacy...

Decision 2010/87/EU

EU Data Protection Authorities Approve Google’s Cloud Commitments for International Data...

Description Criteria - AICPA Guidance for Cybersecurity Risk Management Program

Effective April 15th 2017, AICPA's New Cybersecurity Risk Management Examination Report

Example of a Great Web Privacy Policy

I like this privacy policy.  

GDPR Timebomb

Keith Lipman, Esq. is an outstanding writer and contributor at JDSupra

Harmonization

History of controls harmonization is really the history of managing conversations about risk. Cyber...

ISO/IEC 27001 Compliance Readiness

ISO/IEC 27001:2005 - now ISO/IEC 27002:2013

Laws - most frequently asked in CISSP exam

Here are some laws that come up frequently in technology conversation and are also most often...

Marc Vael - Kibersahs 2016

Privacy by Design, presented by Marc Vael, President ISACA Belgium 

Maturity vs. Compliance

Making Process Real, a seminar in preparing to meet new regulations for controls as proposed by...

Me Tarzan, You Jane: NIST SP800-171 & GDPR Glossary

Me Tarzan, You Jane is my way of reminding everyone that we can't get far without some common...

National Cyber Security Strategy 2016-2021 - Gov UK

In order to propose controls that would implement the requirements of the GDPR in UK governed...

NERC CIP

North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) –...

New York Department of Financial Services (“DFS”) Cybersecurity Regulation

New York State Department of Financial Services (DFS) first-in-the-nation cybersecurity regulation to...

No SOC No $ervice AICPA SSAE 16

AICPA Service Organization Control Reports - SOC 2

PCI Compliance Approach

Security and Privacy Issues and Precautions. There are Six Steps to Achieving PCI Compliance, seven if...

Privacy Resources - Facts, not Fiction

Risks in Life Logging - ENISA, because Europe saw it coming

Security, Privacy, Breach Notification and HIPAA

HIPAA – HITECH, Aligning Secure Host Baselines According to Common Security Framework CSF

ISACA

Using Workday to Drive a New Auditing Paradigm - IAM and SOX Controls Automation

The New Auditing Paradigm - IAM and SOX Controls Automation Workday Rising presentation showed an...

Why Align With ISO/IEC 27002:2013?

Tools approach to automating ISO27002 ISMS Policy aligned continuous monitoring
