Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

UK Data Breach Reports Decline

Mathew J. Schwartz • May 25, 2020

Britain's privacy watchdog reports it received 19% fewer data breach notifications in the first quarter than in the same period last year. While the decline may be attributed to more organizations better understanding when to report breaches, other countries have seen an increase in breach reports.

Application Security

Zero Trust: 3 Critical Considerations

Latest

COVID-19

Analysis: COVID-19 Contact-Tracing Privacy Issues

Nick Holland • April 24, 2020

The latest edition of the ISMG Security Report analyzes the privacy issues raised by COVID-19 contact-tracing apps. Also featured: An update on efforts to fight fraud tied to economic stimulus payments; John Kindervag on the origins of "zero trust."

3rd Party Risk Management

Third-Party Risk Management: How to Grow a Mature Program

Information Security Media Group • April 7, 2020

Enterprises globally recognize the challenge of third-party cyber risk, but they still struggle with the risk management. Dave Stapleton of CyberGRX discusses the elements of a mature program, including the role of risk ratings.

Breach Notification

Morrisons Not Liable for Breach Caused by Rogue Employee

Mathew J. Schwartz • April 2, 2020

Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.

Business Continuity Management / Disaster Recovery

Analysis: Russia's COVID-19 Disinformation Campaign

Nick Holland • March 27, 2020

The latest edition of the ISMG Security Report analyzes how and why Russia is spreading disinformation about the COVID-19 pandemic. Plus: the latest CCPA regulation updates; a CISO's tips on securely managing a remote workforce.

Business Continuity Management / Disaster Recovery

California Modifies Consumer Privacy Regulations - Again

Tom Field • March 24, 2020

Amidst the COVID-19 pandemic, California's attorney general on March 11 released a second modification of the proposed regulations to implement the California Consumer Protection Act. Attorney Sadia Mirza explains what's included in this "spring cleaning."

COVID-19

Mobility and the Government Challenge

Information Security Media Group • March 10, 2020

Federal government agencies face unique cybersecurity risks, and as a result they often place tight restrictions on mobile devices in the workplace. Michael Campbell of Privoro says it's time to loosen these restrictions because they are negatively impacting missions, recruitment and retention.

Account Takeover

The Financial Services Security Disconnect

Nick Holland • March 5, 2020

A key disconnect exists between awareness of financial services fraud schemes and mitigation, according to the latest "Faces of Fraud" survey sponsored by Appgate. Mike Lopez, vice president at the firm, describes some key findings.

COVID-19

Webcast: Keeping Remote Workers Safe and Your Work Secure

Information Security Media Group • May 4, 2020

Learn how to protect employees from malicious web content.

Business Continuity Management / Disaster Recovery

Webinar | 4 Actions to Secure Work from Home Employees

Information Security Media Group • April 27, 2020

This informational webinar will outline 4 actions you can take today to keep employees secure and productive during these challenging times, with tips straight from your identity and access management peers.

COVID-19

GDPR and COVID-19: Privacy Regulator Promises 'Flexibility'

Mathew J. Schwartz • April 24, 2020

As the COVID-19 pandemic continues, Britain's privacy watchdog has signaled that although privacy rights and transparency - as enshrined under GDPR - remain paramount, it will take a more "flexible" regulatory approach. But this is no data breach "get out of jail" card, legal experts warn.

3rd Party Risk Management

Fraud Thrives in a Crisis - Why The Insurance Community Needs to Stay Vigilant

Dennis Toomey, Global Director, Counter Fraud Analytics and Insurance Solutions, BAE Systems Applied Intelligence • April 21, 2020

Alongside the sad and vast expense of legitimate claims, it is an unfortunate fact that in times of economic hardship, people have a history of taking any opportunity to exploit financial institutions for ill-gotten gain.

Active Defense & Deception

Reduce Dwell Time of Advanced Threats With Deception

Varun Haran • March 26, 2020

Using deception technologies can impose a cost on cybercriminals and help reduce dwell times and increase visibility, says Acalvio CEO Ram Varadarajan.