Examining the How of NIST Privacy

Posted by:

Last time I discussed why you should consider using the NIST Privacy framework as both a foundation and methodology for managing data protection and privacy risk management

In this article, I’d like to explain how it works in practice.

Here we bring together facts and information from disparate and sometimes rather technical documents. When I began my research into the NIST Privacy framework, I saw it described as both “

Read More →
0

NIST Privacy Framework – Your Foundation for Future Privacy Compliance

Posted by:

In preparing to write an article about the NIST Privacy Framework I asked some friends who work in infosec and data protection for their thoughts. With few exceptions the conversation went:

“Oh, you mean the NIST CyberSecurity Framework.”

“No, the Privacy Framework”, I’d reply.

“I’m pretty sure it’s Cybersecurity.”

“I’ll send you a link.”

It’s not surprising that it’s gone under the ...

Read More →
0

CCPA is now in effect. What you need to do about it

Posted by:

The California Consumer Privacy Act, or CCPA, seemed to take an age between being signed into law in 2018 and coming into effect in January of this year. Even after this long lead-up time, businesses were given an additional six months of grace. That six month has just come to an end on 1st July.

So now that CCPA has properly come into effect, what’s your business doing about it?

You ...

Read More →
0

Zoom: How to Avoid Cyber Security Video Conferencing Pitfalls

Posted by:

There has been quite a trend in recent years of companies going from zeroes to heroes to villains in a short space of time: think Uber and WeWork. 

Unsustained growth can pose problems, particularly if you do not take cybersecurity seriously. 

Enter Zoom. Its fast growth caught the attention of bad actors and security researchers alike. Here are just a few of the recent security issues that have been raised. 

Read More →
0

The current state of privacy laws in the USA 2020: what you need to know

Posted by:

After the introduction of the CCPA in 2018 a whole slew of states got on board the data privacy bandwagon, and it looked like there was real momentum in the direction of increased rights for citizens over their own data.  By the middle of 2019 more than a dozen states had introduced some kind of privacy bill, either from scratch or as an amendment to existing privacy laws.

So how has that turned out?

Well, if you’re an advocate for increased user ...

Read More →
0

Isn’t it time we talk seriously about a nation-wide Privacy Act?

Posted by:

Would you be surprised if someone told you that they felt even less secure online today, compared to five years ago? 

All we hear about are big companies screwing up and losing user data

Nah. Me neither. As reports Mitchell Noordyke from iapp, “state level momentum for comprehensive privacy bills is at an all time high. 

One of the hot topics now is whether the United States, Like the EU, ...

Read More →
0

GDPR: The big myth that could slide US firms into hot water.

Posted by:

It is now 12 weeks until the new EU GDPR legislation becomes a globally enforceable law. GDPR is an important new EU-mandated regulation: it provides the foundation for how organizations around the globe collate and process sensitive customer information belonging to EU residents.

Some say this is the best thing since sliced bread, in that it gives back a modicum of control to some individuals whose data is being processed willy-nilly in many organizations around the globe. ...

Read More →
0

EU GDPR demystified: a straightforward checklist for US firms (PART THREE)

Posted by:

In this GDPR post, we provide you with a curated checklist to assist you during your  journey to compliance with the new European GDPR regulation, coming into effect in May 2018. Learn more about GDPR and its implications in our previous articles:

EU GDPR demystified: a straightforward reference guide for US firms – Part One 

EU GDPR demystified: a straightforward reference guide for US firms – Part Two

 

EU-GDPR REGULATION CHECKLIST FROM TBG SECURITY

 


Read More →
0

EU GDPR demystified: a straight-forward guide for US firms (PART 1)

Posted by:

Ahhh GDPR, the EU General Data Protection Regulation (EU-GDPR), the new European data legislation that revamps 20-year-old data protection laws to align with our digital age. It’s a radical and unprecedented piece of legislation, whittled down to a whopping 99 Articles, categorised in 11 Chapters.

Ugh.

AS if 99 articles isn’t bad enough, the effective date is coming sooner than you think….. May 2018, less than a year away.

Some of you, we know, are facing it head on, grappling with how ...

Read More →
1
})
SEC Cybersecurity Exams