Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

Charles Gillman, head of information security at Moula Money and executive member of the CyberEdBoard

How to Save Money on Pen Testing - Part 1

Charles Gillman • November 24, 2021

The findings from a penetration test can help you identify risks and gaps in your security controls. Charles Gillman offers tips to maximize the value of your next pen test and, in the process, deliver better results.

►

Fraud Management & Cybercrime

Rethinking Risk in the Wake of DDoS Extortion

Latest

3rd Party Risk Management

Risk Quantification 101: Communicate Risk in Dollars and Cents

Information Security Media Group • November 9, 2021

In this video, LogicGate and Protiviti explores the fundamentals of risk quantification and highlight how the practice empowers you to leverage the power of risk confidently and strategically.

Application Security & Online Fraud

Fraud Transformation: Balancing Business and Customer Needs

Tom Field • October 11, 2021

More than two-thirds of survey respondents say they take a balanced approach - business, customers and compliance - investing in fraud prevention technology. So, why do they also report customer friction among their top challenges? BioCatch's Raj Dasgupta analyzes the results of the new Fraud Transformation Survey.

Profiles in Leadership: Dr. Frances Undelikwo, Fidelity Bank

Suparna Goswami • October 11, 2021

Dr. Frances Undelikwo, divisional head of IT and operational risk management at Fidelity Bank in Nigeria, says she found her passion by trying out different departments and fields under information security. She discusses her career path and current role.

Information Sharing

Analyzing the Results of the 2021 Cybersecurity Complexity Study, EU & UK

Information Security Media Group • October 8, 2021

In this exclusive interview, Martin Cook, Senior Solutions Engineer with ReliaQuest, discusses how to reduce complexity, increase visibility and tap into new resources to enhance your own abilities to detect, investigate and respond to attacks.

Fraud Management & Cybercrime

Ransomware: A Problem of Excesses

Tom Field • September 29, 2021

You can't decrease the motivation of ransomware attackers. But you can curb their success by bolstering your own enterprise's approach to access, credentials and privileges. Morey Haber and James Maude of BeyondTrust share insights on ransomware defense.

General Data Protection Regulation (GDPR)

Facebook's WhatsApp Hit With $266 Million GDPR Fine

Doug Olenick • September 3, 2021

Ireland's privacy law enforcer, the Data Protection Commission, has hit WhatsApp with a 225 million euro ($266 million) fine, finding that it violated the EU's General Data Protection Regulation in part by not telling users how it was sharing their data with parent company Facebook.

Critical Infrastructure Security

UK Looks to Revamp Data Privacy Policies Post-Brexit

Rashmi Ramesh • August 31, 2021

The U.K. is preparing to revamp the country's data protection and privacy laws as a way to spur economic growth and innovation in its post-Brexit economy, according to government officials. While some British politicians see opportunity, privacy experts worry about moving away from EU standards.

Breach Notification

Data Breach Culprits: Phishing and Ransomware Dominate

Mathew J. Schwartz • August 27, 2021

Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports. The U.K. government has also been caught out by breaches and leaks involving military secrets and CCTV footage from a government building.

Fraud Management & Cybercrime

How To Protect Sensitive Data From Ransomware in AWS

Information Security Media Group • November 10, 2021

Watch this video to see how these controls can be easily setup and enforced.

Cryptocurrency Fraud

Keeping the US Dollar on Top as Cryptocurrency Rises

Suparna Goswami • October 29, 2021

While overregulating the cryptocurrency space is not advisable, it is important for the Biden administration to look into the areas in which cryptocurrencies pose the greatest risks, says Nichole Dennis, director and government relations specialist with Cybercrime Support Network.

Advanced SOC Operations / CSOC

Profiles in Leadership: Peter Van Lierde, CISO, Sibelga

Mathew J. Schwartz • October 11, 2021

Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.

Governance & Risk Management

Securing Digital Transformation for Legacy Systems

Suparna Goswami • October 1, 2021

How does one begin to secure the digital transformation journey in two legacy enterprises? Kush Sharma, principal for Sharma and Company and former CISO for the city of Toronto, shares his experience and offers advice on investing in and integrating technologies.