In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.
Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, joins three ISMG editors to discuss important cybersecurity and privacy issues, including how U.S. enterprises are harmonizing three disparate privacy laws, and ransomware preparedness.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the status of the recommendations of the Cyberspace Solarium Commission today and what still needs to be enacted by the current Congress, addressing the increasing challenge of cyberattacks...
The drive towards digital transformation and cloud has exposed organizations to unknown vulnerabilities and various forms of threats and attacks, resulting in cybercriminals stealing sensitive data.
There has been a compelling need for enterprises to protect sensitive data and reduce the scope of compliance...
In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner's Office's recent consultation on creating an international data transfer agreement.
Ireland's privacy law enforcer, the Data Protection Commission, has hit WhatsApp with a 225 million euro ($266 million) fine, finding that it violated the EU's General Data Protection Regulation in part by not telling users how it was sharing their data with parent company Facebook.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.
Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports. The U.K. government has also been caught out by breaches and leaks involving military secrets and CCTV footage from a government building.
Amid a surge in new international data privacy laws and regulations, it is becoming increasingly challenging for organizations to stay compliant. The first step: data classification. In this webinar, a panel of experts will explain how integrating data classification with necessary data protection tools such as DLP,...
Amazon reports that it's been fined 746 million euros ($885 million) under the European Union's General Data Protection Regulation for violating privacy rights in its advertising program. The company says it plans to appeal.
Often traditional compliance processes in place in the organisation cannot scale up to growing requirements and complexities. As a result, too much time is wasted on after-the-fact mitigation on audit findings. In a fast-paced environment, organisations would like to break free from reactive and manual solutions and...
Where were you on May 25, 2018? That was the day the EU's General Data Protection Regulation went into full effect. Three years later, some legal and privacy experts say that while the global privacy discussion and expectations have evolved, GDPR still has some growing up to do.
It's not just traditional data governance – it's about business risk. And in the age of GDPR and CCPA, you’d best have a handle on data discovery and classification. Patrick Benoit of CBRE gives the BISO's perspective on data risk governance.
Ireland's privacy regulator has launched an investigation into Facebook after personal information for 533 million of the social network's users appeared for sale online. It will analyze whether Facebook violated the country's data protection law or the EU's General Data Protection Regulation.
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.