Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

The Executive Perspective Series featuring the White House Executive Order and More

• July 2, 2021

Join our discussions as we talk with cyber industry experts and leaders about the various elements of the WHEO and how we can collectively work to elevate our nation’s cybersecurity posture.

Next-Generation Technologies & Secure Development

DTEX Case Study: Williams Racing

Latest

Next-Generation Technologies & Secure Development

DTEX Case Study: VicTrack

Information Security Media Group , • April 14, 2021

View this casestudy to learn how Bruce Moore, CIO of VicTrack, uses DTEX InTERCEPT to improve the security of the organization.

Anti-Phishing, DMARC

A Tale of 3 Data 'Leaks': Clubhouse, LinkedIn, Facebook

Jeremy Kirk , Mathew J. Schwartz • April 13, 2021

Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.

Breach Notification

Ransomware Cleanup Costs Scottish Agency $1.1 Million

Mathew J. Schwartz • April 6, 2021

How much does it cost to recover from a ransomware attack? For the Scottish Environment Protection Agency, which was hit by the Conti ransomware-wielding gang on Christmas Eve, reported cleanup costs have reached $1.1 million. SEPA is still restoring systems and has refused to pay any ransom.

Breach Notification

533 Million Facebook Account Records Posted to Forum

Doug Olenick • April 4, 2021

A security researcher found more than 500 million Facebook records being offered for free on the darknet, exposing basic user information, including any phone numbers associated with the accounts. Facebook says this is “old data” previously reported as exposed.

Application Security

Booking.com's GDPR Fine Should Serve as 'Wake-Up Call'

Akshaya Asokan • April 2, 2021

The 475,000 euro fine levied against Booking.com by Dutch privacy authorities should serve as a "wake-up call" for other companies when it comes to GDPR, some experts say. The company waited more than 20 days to report the breach to officials instead of the 72-hour window required under Europe's privacy law.

Next-Generation Technologies & Secure Development

The Power of Actionable Threat Intel

Tom Field • April 2, 2021

The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.

Next-Generation Technologies & Secure Development

What’s the Point of Threat Intelligence Without Threat Detection?

April 2, 2021

Watch now to learn more about discovering how to take threat intelligence to the next level with advanced detection capabilities.

Governance & Risk Management

Switching Away from Paper Documents for Good

Information Security Media Group • April 1, 2021

Replacing paper documents with an electronic version is one of the many tasks you may be facing as part of the remote work transformation.

Cloud Security

Is Your Security Stack Ready for the Modern Cloud?

Information Security Media Group • March 26, 2021

Digital transformation makes the headlines. But behind the scenes, many enterprises are struggling with the effects of cloud migration and the “shift left” movement. Knox Anderson of Sysdig shares tips for approaching the modern cloud.

Endpoint Security

Purpose Built: Securing vSphere Workloads

Information Security Media Group • March 23, 2021

View this OnDemand webinar to learn how VMware Carbon Black is delivering unified workload protection that’s purpose-built for vSphere.

Active Defense & Deception

Digital Risk Protection and 'Offensive Defense'

Tom Field • March 22, 2021

Years ago, when he was working in systems integration, Mirza Asrar Baig envisioned the concept of digital risk protection technology. Today, as CEO of CTM360, he is promoting it as a way to provide “offensive defense.”

Critical Infrastructure Security

UK Set to Boost Cybersecurity Operations

Prajeet Nair • March 15, 2021

Ahead of presenting a long-term review of national security strategy in Parliament on Tuesday, U.K. Prime Minister Boris Johnson issued a statement calling for a boost to the country’s capacity to conduct cyberattacks on foreign adversaries.