Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

Effective Security Programs: Keeping Pace With Threats

Jeremy Kirk • September 24, 2021

An effective security control program should focus on people and processes and not just technology, says Ashwin Ram, cyber security evangelist with Check Point. Ram also shares his insights on data breach trends.

Establishing Cybersecurity in the Era of Resilience

Work from Everywhere, Securely

Business Resilience Through ‘Zero Trust’

Global Compliance

How to Keep Cybercrime's Foot off the Pedal with the Auto Industry and ISO/SAE 21434

General Data Protection Regulation (GDPR)

Facebook's WhatsApp Hit With $266 Million GDPR Fine

Critical Infrastructure Security

UK Looks to Revamp Data Privacy Policies Post-Brexit

Breach Notification

Data Breach Culprits: Phishing and Ransomware Dominate

Latest

Cyberwarfare / Nation-State Attacks

Pegasus Spyware: World Leaders Demand Israeli Probe

Mathew J. Schwartz • July 27, 2021

Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."

Critical Infrastructure Security

Exposing Software Supply Chain Risks

Tom Field • August 24, 2021

Tomislav Pericin, Co-founder and Chief Software Architect for ReversingLabs, discusses the evolution of supply chain attack sophistication, and why both software builders and buyers need to change how they defend against attack surface area risks.

Finance & Banking

A Unified Look at FinCrime

Robert Harris • August 24, 2021

Banks are looking to drive synergies between fraud, cyber and compliance functions to tackle FinCrime hurdles.

Finance & Banking

Financial Service versus Fraud – the Battle Continues

Simon Viney • August 24, 2021

Despite these financial headwinds, new ways are emerging for FIs to differentiate on the quality of fraud prevention and outreach they can provide to customers.

Fraud Management & Cybercrime

Utilizing Data Opportunities and Risks in Insurance to Protect Customers and Drive Greater Differentiation

Robert Harris • August 24, 2021

Greater data-sharing opportunities and collaboration makes it easier to identify and understand good customers, not just the bad.

General Data Protection Regulation (GDPR)

Food Delivery Services Face GDPR Fines Over AI Algorithms

Mathew J. Schwartz • August 4, 2021

Italy's privacy regulator has slammed two of the country's biggest online food delivery firms - Deliveroo and Foodinho - with multimillion euro fines for using algorithms that discriminated against some workers. Legal experts say it's a reminder that such algorithms must be demonstrably transparent and fair.

General Data Protection Regulation (GDPR)

Amazon Hit With $885 Million GDPR Fine

Doug Olenick • July 30, 2021

Amazon reports that it's been fined 746 million euros ($885 million) under the European Union's General Data Protection Regulation for violating privacy rights in its advertising program. The company says it plans to appeal.

Governance & Risk Management

The Executive Perspective Series featuring the White House Executive Order and More

, • July 2, 2021

Join our discussions as we talk with cyber industry experts and leaders about the various elements of the WHEO and how we can collectively work to elevate our nation’s cybersecurity posture.

Next-Generation Technologies & Secure Development

Security Meets 'Work from Anywhere'

Tom Field • June 18, 2021

It was one thing to secure employees in a central office; quite another to secure them at home. What happens now in the hybrid workforce? Mike Anderson of Netskope outlines the key cybersecurity recommendations from his 'Return to Work' playbook.

General Data Protection Regulation (GDPR)

Privacy Rights: GDPR Enforcement Celebrates Third Birthday

Mathew J. Schwartz • May 25, 2021

Where were you on May 25, 2018? That was the day the EU's General Data Protection Regulation went into full effect. Three years later, some legal and privacy experts say that while the global privacy discussion and expectations have evolved, GDPR still has some growing up to do.

RSA Conference

Fraud 2021: Mules, Synthetic IDs, Deep Social Engineering

Tom Field • May 16, 2021

The global fraud landscape has shifted dramatically in the past year. Uri Rivner and Erin Englund of BioCatch discuss the urgency of catching money mules, stopping synthetic IDs and schemes that result from deep social engineering.

RSA Conference

Debunking Myths About MSPs

Anna Delaney • May 14, 2021

Increased reliance on the agile and remote work model has created more opportunities for MSPs. WatchGuard CEO Prakash Panjwani shares advice on how to engage an MSP that fits into the organization’s business model and establish a good partnership.