Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

Source: FireEye Mandiant

Attackers' Dwell Time Plummets as Ransomware Hits Continue

Mathew J. Schwartz • May 3, 2021

The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.

Next-Generation Technologies & Secure Development

Booking.com's GDPR Fine Should Serve as 'Wake-Up Call'

Latest

CCPA

Federal Privacy Bill Reintroduced in Congress

Doug Olenick • March 15, 2021

U.S. Rep. Suzan DelBene, D-Wash, has reintroduced a bill that would create a national-wide data privacy standard that in its latest incarnation makes an attempt to placate Republicans. The bill, if passed, would replace a patchwork of current state laws.

General Data Protection Regulation (GDPR)

Post Brexit, Free Flow of Data Likely to Continue

Akshaya Asokan • February 16, 2021

The European Commission reportedly plans to roll out a new policy that paves the way for European Union nations and the U.K. to continue the free flow of personal data in the wake of Brexit.

COVID-19

NHS Reports COVID-19 App Success, Backed by Strong Privacy

Mathew J. Schwartz • February 9, 2021

Good news in the fight to prevent COVID-19 infections: Researchers report that a digital contact-tracing app rolled out in England and Wales that's designed to keep users' data private and secure is helping to blunt the spread of the pandemic. They urge continuing global uptake of such apps.

Next-Generation Technologies & Secure Development

The Power of Actionable Threat Intel

Tom Field • April 2, 2021

The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.

Next-Generation Technologies & Secure Development

What’s the Point of Threat Intelligence Without Threat Detection?

April 2, 2021

Watch now to learn more about discovering how to take threat intelligence to the next level with advanced detection capabilities.

Governance & Risk Management

Switching Away from Paper Documents for Good

Information Security Media Group • April 1, 2021

Replacing paper documents with an electronic version is one of the many tasks you may be facing as part of the remote work transformation.

Cloud Security

Is Your Security Stack Ready for the Modern Cloud?

Information Security Media Group • March 26, 2021

Digital transformation makes the headlines. But behind the scenes, many enterprises are struggling with the effects of cloud migration and the “shift left” movement. Knox Anderson of Sysdig shares tips for approaching the modern cloud.

Endpoint Security

Purpose Built: Securing vSphere Workloads

Information Security Media Group • March 23, 2021

View this OnDemand webinar to learn how VMware Carbon Black is delivering unified workload protection that’s purpose-built for vSphere.

Active Defense & Deception

Digital Risk Protection and 'Offensive Defense'

Tom Field • March 22, 2021

Years ago, when he was working in systems integration, Mirza Asrar Baig envisioned the concept of digital risk protection technology. Today, as CEO of CTM360, he is promoting it as a way to provide “offensive defense.”

Critical Infrastructure Security

UK Set to Boost Cybersecurity Operations

Prajeet Nair • March 15, 2021

Ahead of presenting a long-term review of national security strategy in Parliament on Tuesday, U.K. Prime Minister Boris Johnson issued a statement calling for a boost to the country’s capacity to conduct cyberattacks on foreign adversaries.

DevSecOps

OnDemand Webinar | Security Education for Developers

Information Security Media Group • March 12, 2021

Watch this episode of the "On The Road to DevSecOps" series to learn from a group of DevOps experts on why AppSec Awareness and Training matters and how to give your developers secure coding education that works.

DevSecOps

OnDemand Webinar | Public Sector Digital Transformation and Secure Software

Information Security Media Group • March 12, 2021

Software is at the center of it all, placing increased pressure on developers, security managers, and DevOps leaders to develop applications faster. However, this need for speed comes at a price, and security can be seen as a blocker and not an enabler. Watch this webinar to understand why it's time to prioritize your...