Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

Houses of Parliament on the River Thames in London (Image: Shutterstock)

UK Reintroduces Bill Proposing Modifying Country's GDPR

Akshaya Asokan • March 8, 2023

The British government is proposing modifications to the European privacy law adopted as British law before the U.K. left the EU. Civil society groups warn that changes to the U.K. GDPR could lead to more surveillance. Some tech firms say the government is poised to increase its regulatory burden.

Data Loss Prevention (DLP)

Scottish Schools' Use of Facial Recognition Violated GDPR

Latest

Leadership & Executive Communication

Advance Your Security Awareness Training Program: Research Results Analysis

Anna Delaney • January 27, 2023

Sara Pan, senior product marketing manager at Proofpoint shares insights from Proofpoint's 2022 Security Awareness Study on how to improve security awareness training programs.

Fraud Management & Cybercrime

Ransomware Profits Dip as Fewer Victims Pay Extortion

Mathew J. Schwartz • January 23, 2023

Bad news for ransomware groups: Experts find it's getting tougher to earn a crypto-locking payday at the expense of others. The bad guys can blame a move by law enforcement to better support victims, and more organizations having robust defenses in place, which makes them tougher to take down.

API Security

Hacker Claims to Have Scraped 400M Twitter User Records

David Perera • December 24, 2022

A member of a criminal data breach forum says he's selling email addresses and phone numbers of 400 million Twitter users. If verified, the data breach would be a further blow to Twitter and its beleaguered chief executive as regulators increase pressure over the firm's security practices.

Network Detection & Response

X5 Firewall Practices to Prevent a Data Breach

Eleanor Barlow • December 15, 2022

Experiencing an attack is only a matter of time. Most organizations are unaware when a breach is made, and threats go undetected for months at a time due to a global lack of visibility, especially when it concerns endpoints. But there are X5 firewall practices to prevent a data breach.

Cybercrime

New Approaches to Solve the Age-Old AML Problem

Wiebe Fokma • December 13, 2022

Banks using behavioral-based controls are detecting malicious accounts in 92% of cases before traditional AML and transaction monitoring systems alert the bank.

Account Takeover Fraud

How to Predict New Account Risk

Tom Field • December 5, 2022

Application fraud has spiked - particularly bogus new accounts - and organizations are scrambling to improve fraud detection mechanisms without negatively affecting the legitimate customer's experience. Robin Love of Early Warning shares insights on how to better predict new account risk.

Healthcare

Cybersecurity Is Patient Safety, Says US Senator

Marianne Kolbasuk McGee • November 3, 2022

A U.S. senator is suggesting adding cybersecurity standards to the list of federal prerequisites for medical practice participation in Medicare. Cybersecurity is a patient safety issue, says Mark Warner (D-Va.). He today released a slew of proposals for augmenting healthcare cybersecurity.

Customer Identity & Access Management (CIAM)

Spotting and Stopping Synthetic ID Fraud

Tom Field • October 27, 2022

Synthetic identity fraud is the fastest-growing financial crime in the country. By combining real and fabricated personal information, a synthetic identity is specifically designed to look and act like a valid identity - until it doesn’t, leaving financial losses and criminal activity in its wake.

Email Threat Protection

Enterprise Fraud and Financial Crimes Compliance: How Banks Need to Adapt

Information Security Media Group • October 27, 2022

View this webinar to learn about five emerging trends for next-gen fraud and financial crime management.

Finance & Banking

Journey to AML Modernization

Information Security Media Group • October 26, 2022

View this webinar to learn about the building blocks for beginning the journey to security modernization.

Cloud Security

How to Achieve Cloud Security and Visibility Through Threat Detection

Tom Field • October 21, 2022

Russell Shupert of Veeva Systems explains the challenges faced in securing a complex environment. He discusses how his team overcame these challenges, the benefits they achieved and how Threat Stack's Cloud Workload Protection and Application Infrastructure Protection tool helped along the way.

3rd Party Risk Management

What to Do Based on 2022: Expert Analysis of TPSRM Survey

Tony Morbin • September 21, 2022

From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.