Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

Facial recognition is no longer needed to eat lunch in North Ayrshire secondary schools. (Image: Shutterstock)

Scottish Schools' Use of Facial Recognition Violated GDPR

Akshaya Asokan • February 2, 2023

A Scottish school system decided not to use facial recognition in its secondary school cafeterias after international outcry. The U.K. Information Commissioner's Office said Tuesday that the North Ayrshire Council failed to obtain freely given consent for the system.

Leadership & Executive Communication

New Approaches to Solve the Age-Old AML Problem

Latest

Account Takeover Fraud

How to Predict New Account Risk

Tom Field • December 5, 2022

Application fraud has spiked - particularly bogus new accounts - and organizations are scrambling to improve fraud detection mechanisms without negatively affecting the legitimate customer's experience. Robin Love of Early Warning shares insights on how to better predict new account risk.

Healthcare

Cybersecurity Is Patient Safety, Says US Senator

Marianne Kolbasuk McGee • November 3, 2022

A U.S. senator is suggesting adding cybersecurity standards to the list of federal prerequisites for medical practice participation in Medicare. Cybersecurity is a patient safety issue, says Mark Warner (D-Va.). He today released a slew of proposals for augmenting healthcare cybersecurity.

Customer Identity & Access Management (CIAM)

Spotting and Stopping Synthetic ID Fraud

Tom Field • October 27, 2022

Synthetic identity fraud is the fastest-growing financial crime in the country. By combining real and fabricated personal information, a synthetic identity is specifically designed to look and act like a valid identity - until it doesn’t, leaving financial losses and criminal activity in its wake.

Email Threat Protection

Enterprise Fraud and Financial Crimes Compliance: How Banks Need to Adapt

Information Security Media Group • October 27, 2022

View this webinar to learn about five emerging trends for next-gen fraud and financial crime management.

Finance & Banking

Journey to AML Modernization

Information Security Media Group • October 26, 2022

View this webinar to learn about the building blocks for beginning the journey to security modernization.

Cloud Security

How to Achieve Cloud Security and Visibility Through Threat Detection

Tom Field • October 21, 2022

Russell Shupert of Veeva Systems explains the challenges faced in securing a complex environment. He discusses how his team overcame these challenges, the benefits they achieved and how Threat Stack's Cloud Workload Protection and Application Infrastructure Protection tool helped along the way.

3rd Party Risk Management

What to Do Based on 2022: Expert Analysis of TPSRM Survey

Tony Morbin • September 21, 2022

From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.

3rd Party Risk Management

What Industry Is Most Vulnerable to a Cyberattack?

Tori Taylor • September 13, 2022

The data shows that every industry contains vulnerabilities and strengths, but there are a few standout points to consider.

Next-Generation Technologies & Secure Development

Hybrid Cloud Changes the Game for Security

Andrew Stevens • September 12, 2022

Embracing new technologies to gain benefits such as increased agility and rapid application delivery makes good business sense, but existing architectures also need to be maintained and secured to protect the critically important data residing on server workloads across the hybrid cloud.

Governance & Risk Management

SMBs! Forget Retainer-based Security Assessments: Demand Funded POCs

Adam Mansour • September 8, 2022

A new delivery model is surfacing for various assessment services - one that is going to be bad for SMBs, whose options were already limited.

Next-Generation Technologies & Secure Development

The Value of Digital Transformation

Andrew Stevens • August 30, 2022

With the increase in remote workers and proliferation of uncontrolled devices, your IT team has been migrating applications to the cloud along with building cloud-native applications to support the speed needed by the business.

3rd Party Risk Management

The Key To Compliance? Third-Party Management

Tori Taylor • August 30, 2022

They’re necessary contributors to the business ecosystem, but there’s risk associated with third-party remote access, including bad actors lurking around every access point.