Data privacy discussions must focus not just on collecting, storing and securing data, but also the impetus for doing so - and whether it is being done in an ethical manner, says consultant Thom Lagford, a former CISO, who addresses GDPR compliance issues.
New legislation introduced by Sen. Ron Wyden, D-Ore., would "bring meaningful punishments for companies that violate people's data privacy, including larger fines and potential jail time for CEOs," he says. But can Congress agree on a privacy law?
Twitter apologized on Tuesday for repurposing phone numbers provided by users for security features for use in targeted advertising, claiming the move was a mistake. Earlier, Facebook was reprimanded for a similar practice.
In today's shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors?
This session will outline the keys to third-party risk management success through a modern approach to monitoring...
Europe's top court has ruled that Google does not have to remove links to sensitive personal data globally under the EU's "right to be forgotten" requirements, saying the requirement only applies in Europe.
Foxit Software, the developer of popular PDF and document software, says user accounts were compromised in a breach. The company, which has 560 million users, isn't saying how the breach occurred, how many accounts were affected or for how long.
The realms of data privacy and information security have traditionally been separate in most organizations. However, these domains are increasingly fusing, and in today's digital world, you need them to work in unison.
Many companies leave the question of ownership to their legal department, but today's CIOs are...
The unfortunate reality is that your data security strategy will most likely stall or fail. Unstructured data is getting out of view and control in every organization across verticals. Policy management plays a critical role in the development of data security initiatives, but also requires a coordinated data...
Sweden's Data Protection Authority has issued its first fine for violations of the European Union's General Data Protection regulation after a school launched a facial recognition pilot program to track students' attendance without proper consent.
There are few regulatory environments more complex and challenging than that of a large public utility serving millions of customers across several states. So when the compliance management team at one such organization required a more streamlined approach to gathering, managing, and complying with hundreds of...
As many organizations are working to streamline their governance, risk and compliance (GRC) processes, they often encounter gaps in implementation and need to tailor their tools towards their unique industry and specific goals.
Download this guide which highlights how you can optimize your investment in the popular...
Authorities in the Netherlands recently levied a $516,000 fine under the General Data Protection Regulation against a hospital in the Hague in connection with a data breach involving "dozens" of staffers who snooped on the electronic medical records of a celebrity.
The latest edition of the ISMG Security Report analyzes the significance of fines against British Airways and Marriott for violations of the EU's GDPR. Also featured are discussions of California's privacy law as a model for other states and the next generation of deception technologies.