Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

What to Do Based on 2022: Expert Analysis of TPSRM Survey

Tony Morbin • September 21, 2022

From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.

3rd Party Risk Management

Evolving Ransomware Threats on Healthcare

Latest

Cloud Security

Netskope Expands Into Cloud Networking With Infiot Purchase

Michael Novinson • August 2, 2022

With its acquisition of Infiot, Netskope now carries both the networking and security technology needed to build a Secure Access Service Edge architecture following. The acquisition of Infiot's platform will allow Netskope customers to address both traditional and emerging SD-WAN use cases.

Endpoint Security

Profiles in Leadership: Sean Mack

Mathew J. Schwartz • July 25, 2022

Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.

Breach Notification

Lack of Access Management Is Causing Data Breaches

Isa Jones • August 18, 2022

The costs of hacks are rising, the amount of ransomware is rising, and the number of organizations that have been breached will also rise unless organizations take action.

Next-Generation Technologies & Secure Development

How Code Hardening Enables Mobile App Developers to Meet OWASP MASVS Recommendations

Guardsquare • August 17, 2022

Why have attacks from rogue mobile apps grown by 49% in Q3?

Endpoint Detection & Response (EDR)

MDR vs Managed EDR: The Two Meanings of Managed

Adam Mansour • August 10, 2022

While Managed EDR can help in many endpoint scenarios, it’s important to be aware that going beyond the endpoint allows MDR and extended detection and response (XDR) to offer broader cybersecurity coverage.

Access Management

Thales Buys OneWelcome for $101.6M to Enter CIAM Market

Michael Novinson • July 18, 2022

Thales plans to enter the customer identity and access management market through its purchase of an emerging European CIAM player. The French firm plans to capitalize on OneWelcome's strong product by extending its footprint beyond Europe and into North America and Asia-Pacific.

Access Management

How Machine Learning Is Changing Access Monitoring

Isa Jones • July 5, 2022

As this technology is automated, it can also scan more accesses because a new rule doesn’t need to be created for each access. You can jump from a 1% audit rate to a 99% audit rate.

CyberEd Magazine (fmr Security Agenda)

Profiles in Leadership: Rob Hornbuckle

Mathew J. Schwartz • June 30, 2022

Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.

General Data Protection Regulation (GDPR)

A Shortcut to the NIST Cybersecurity Framework

Kylie Ruiz • June 28, 2022

Determine how the NIST Framework can fit into your security structure and start taking proactive steps to protect critical assets from rising and evolving threats.

Fraud Management & Cybercrime

What Defenders Can Learn From History - and Martial Arts

Anna Delaney • June 1, 2022

Obtaining threat insight is like practicing judo - you want to use your attacker's power against them, says Chris Borales, senior manager of product marketing at Gigamon. He and Tom Dager, CISO of Archer Daniels Midland Company, discuss how to keep pace with the evolving ransomware landscape.

Account Takeover Fraud

Increase in Account Opening Fraud, Payment Scams Continues

Suparna Goswami • May 26, 2022

A majority of financial institutions have reported a rise in account opening fraud and payment scams, which is expected to continue and cause losses for banks, says Trace Fooshee, strategic adviser at Aite-Novarica Group. He discusses new technologies to put in place to mitigate scam attacks.

Customer Identity & Access Management (CIAM)

Tackling the Identity Verification Challenge

Tom Field • May 23, 2022

Accelerated digital transformation has only complicated the identity verification challenge for enterprises. But Chuck Moore of Early Warning says behavioral analytics and anomaly detection combined can reduce both fraud and the friction that can come with traditional authentication methods.