Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

Profiles in Leadership: Rob Hornbuckle

Mathew J. Schwartz • June 30, 2022

Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.

General Data Protection Regulation (GDPR)

How to Identify Critical Access Points

Latest

Cybercrime

EU Grants Europol Supervised Data Processing Powers

Mihir Bagwe • May 6, 2022

The European Parliament has granted Europol permission to receive and process datasets from private parties and pursue research projects for better handling of security-related cases. Use of these powers will be overseen by the European Data Protection Supervisor and the Fundamental Rights Officer.

General Data Protection Regulation (GDPR)

Dutch Government Agencies Fined; 'Serious' GDPR Violations

Mihir Bagwe • April 13, 2022

The Dutch Data Protection Authority has imposed penalties of 3.7 million euros ($4 million) and 565,000 euros ($600,000) on the Dutch Tax and Customs Administration and the Ministry of Foreign Affairs, respectively, for violating the General Data Protection Regulation.

Critical Infrastructure Security

Cybersecurity Mesh is the Next Big Trend In Cybersecurity

Isa Jones • April 11, 2022

Ditch the old “castle-and-moat” methods. Instead, focus on critical access points and assets, making sure each individual point is protected from a potential breach.

3rd Party Risk Management

How to Maximize Application Intelligence

Tom Field • April 8, 2022

At a time when applications are more business-critical than ever - and visibility is more challenging to achieve - we need to discuss new strategies and tools for maximizing application intelligence. Sujay Pathakji of Axiom Telecom and Srudi Dineshan of Gigamon share insights.

3rd Party Risk Management

Why Third Parties Are an Organization's Biggest Risk Point

Tori Taylor • April 8, 2022

Hackers are exploiting third-party remote access. If you’re not taking third-party risk seriously, it’s just a matter of time until your company is the next headline.

Finance & Banking

Survey: State of Security Automation in Financial Services

Tom Field • April 1, 2022

When it comes to advanced threat response, 42% of financial institutions say their current abilities are average. Only 35% say automation currently plays a strong role. Josh Zelonis of Palo Alto Networks and Sid Srivastava of Accenture analyze the State of Security Automation in Financial Services.

Access Management

Why Access Governance Is Crucial For Strong Cybersecurity

Isa Jones • April 1, 2022

If an organization doesn’t know who is accessing what, how can they be trusted to make sure a bad actor isn’t gaining access to data, assets, or systems they shouldn’t?

Critical Infrastructure Security

Securing Industry 4.0: Insights From New Research

Tom Field • March 29, 2022

Eighty percent of survey respondents say they either are well on the way or getting started toward becoming a "smart manufacturing company." Cloud migration, business resiliency and securing OT environments are among their priorities. Del Rodillas of Palo Alto Networks analyzes the survey results.

COVID-19

How Has COVID-19 Changed CISO Approach to Data Security?

Tom Field • March 29, 2022

Fifty-three percent of survey respondents say cyberthreats became fiercer during COVID-19, and 17% say the pandemic disrupted their data security initiatives. These are among findings of a new survey sponsored by HelpSystems. Cary Hudgins analyzes the results and discusses how to put them to work.

3rd Party Risk Management

Impose Fine, Get Sued: A Day at the Irish DPC

Mihir Bagwe • March 16, 2022

On Tuesday, Ireland's Data Protection Commission imposed an $18.6 million penalty on tech firm Meta. That same day, the privacy watchdog was sued by a member of the nonprofit Irish Council for Civil Liberties over its "prolonged inaction" in the Google data breach case.

Application Security & Online Fraud

How a Global Pandemic Changed the Fraud Landscape

Tom Field • March 14, 2022

Pete Barker was a cybersecurity Digital Loss Prevention practitioner before joining SpyCloud as Director of Fraud & Identity. He saw first-hand the impact of COVID-19 on fraud incidents, which are more automated and broadly targeted. He explains how "COVID changed all the rules" and how defenders can raise their game.