Here are some laws that come up frequently in technology conversation and are also most often among questions on security exams.
Effective April 15th 2017, AICPA's New Cybersecurity Risk Management Examination Report
New York State Department of Financial Services (DFS) first-in-the-nation cybersecurity regulation to protect New York State from the ever-growing threat of cyber-attacks is now in effect. DFS Cybersecurity requires banks, insurance companies, and other financial services institutions regulated by DFS to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry.
We just got our daily update from JDSupra (still LOVE THEM!) titled "California's Shine the Light Law: Latest Class Action Threat for Online Retailers and Electronic Commerce Companies", under the topic of Retail Industry Alert. Here's a link to get you started, because it's important business compliance reading, but that's not why I'm sending you all this letter.
While 15% of EU citizens report not trusting businesses with their information, they also lack the tools to securely manage their own private information.
Me Tarzan, You Jane is my way of reminding everyone that we can't get far without some common language. This month, GDPR and NIST 171 are top of mind around our office. Here's what we found helpful.
In order to propose controls that would implement the requirements of the GDPR in UK governed business, EnterpriseGRC Solutions has embarked on mapping the The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU), to the both NIST 800 53 r4 control enhancements and the HM Government (Her Majesty's) NATIONAL CYBER SECURITY STRATEGY 2016-2021. Please download the National Cyber Security document here National Cyber Security Strategy 2016-2021 - Gov.uk