Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

Privacy Fines: GDPR Sanctions in 2021 Exceeded $1 Billion

Mathew J. Schwartz • January 18, 2022

Privacy regulators in Europe last year imposed known fines totaling more than $1.2 billion under the EU's General Data Protection Regulation, including two record-breaking sanctions, law firm DLA Piper finds. The total value of fines in 2021 was nearly a sevenfold increase from that seen in 2020.

Governance & Risk Management

WatchGuard’s 2022 Cybersecurity Predictions

Latest

Access Management

The ROI of Shift-Left Automated Testing

Information Security Media Group • December 1, 2021

Forrester evaluates the benefits of automated testing for the mainframe.

Access Management

The Evolution of Privileged User Monitoring for Mainframes

Information Security Media Group • December 1, 2021

Learn how the latest advances in privileged user monitoring can close windows of opportunity for attackers and keep business-critical data safe from credential theft, lateral attack movement, ransomware, and other threats.

Cyberwarfare / Nation-State Attacks

How to Stop a Potential Ransomware Attack Before it Happens

Information Security Media Group • December 1, 2021

In this on-demand webinar, you’ll learn how you can get out in front of the ransomware threat to stop hackers from locking down your data in the first place.

Cybercrime as-a-service

Tips for Surviving Big Game Ransomware Attacks

Corey Nachreiner • November 16, 2021

Why has the cybercriminal underground put so much effort toward the professionalization of ransomware? Simply put, they are making tons of money from it.

3rd Party Risk Management

Risk Quantification 101: Communicate Risk in Dollars and Cents

Information Security Media Group • November 9, 2021

In this video, LogicGate and Protiviti explores the fundamentals of risk quantification and highlight how the practice empowers you to leverage the power of risk confidently and strategically.

Cybercrime

What is a Fileless Cyberattack?

Marc Laliberte • January 5, 2022

In recent years the industry has seen a sharp rise in a much more complex form of attack – fileless malware. But what exactly is it?

3rd Party Risk Management

Privacy Predictions for 2022: Laws, Flaws and Enforcement

Tom Field • December 29, 2021

In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.

Application Security

Layers of API Security and Log4j: Beyond the OWASP Top 10

Tom Field • December 23, 2021

Everyone knows the OWASP Top 10 lists of application security and API risks. But what about #11 and beyond - aren't those key priorities, too? Matt Tesauro of Noname Security talks about "Beyond the Top 10" and relates it back to mitigating the Log4j zero-day vulnerability.

Identity & Access Management

Why We Need an Identity Data Fabric

Tom Field • December 22, 2021

Identity: In most instances it can be an asset. But occasionally, left improperly secured, it can be a roadblock for an enterprise. Wade Ellery of Radiant Logic explains the Identity Data Fabric and how it can help enterprises solve major business problems.

Business Continuity Management / Disaster Recovery

The Value of Secure Wi-Fi in a Unified Security Platform

Ryan Poutre • December 17, 2021

Wi-Fi can often be the weakest link in the security chain, with costly consequences when it breaks.

Governance & Risk Management

As Cybersecurity Threat Grows, So Too Does the Need for MSSPs

Miguel Carrero • December 17, 2021

The effort and cost involved in staying safe in this environment is driving many organizations to work with IT and managed security service providers (MSSPs).