CISA Sees Elimination of 'Bad Practices' as Next Secure-by-Design Step by Matt BrackenThe Cybersecurity and Infrastructure Security Agency (CISA) has made significant strides in its secure-by-design initiative, gaining 230 software vendors' commitments to strengthen security features like multi-factor authentication and reducing default passwords. By shifting security responsibilities to software...

The General Data Protection Regulation (GDPR) is a regulation enacted by the European Union to protect EU citizens' privacy and personal data. Read this blog to learn more about who's subject to GDPR compliance, data subject rights, and the misconceptions around consent in GDPR compliance.

As governments transition to fully digital records, protecting sensitive data has become a critical priority. In the Middle East, Saudi Arabia is leading the way with its National Data Management and Personal Data Protection Standards.

Cybersecurity protects computers, servers, mobile devices, systems, networks, and data from digital attacks, damage, and unauthorized access. Learn all about cybersecurity in this blog.

POPIA, South Africa's Protection of Personal Information Act, establishes rules for the lawful processing of personal information in South Africa. This blog looks at the purpose of the law, POPIA compliance best practices, and more.

As Congress works to minimize regulatory headaches for compliant organizations, cyberattacks hailing from North Korea and the Kremlin continue, while cyber insurance rates are plummeting. Get caught up to speed on all these stories in this week's Friday Five recap.

Implementing risk taxonomy at your organization can help break down risks into categories and manage potential threats. Learn how it works and the steps required to create risk taxonomy in today's blog.

While this past week brought good and bad news in the world of ransomware, agencies and lawmakers are fighting to keep up with evolving cybercrime trends. Catch up on these stories and more in this week's Friday Five.

Catch up on the ongoing fight against cybercrime platforms, ransomware and other malware, updated compliance rules for healthcare organizations, and more — all in this week's Friday Five.

This past week's headlines were led by stories on upcoming regulatory improvements, why organizations are still struggling to keep up with them, the possibility of a new Cyber Force, and more. Learn all you need to know in this week's Friday Five.

Audit log best practices include defining clear log policies, regularly reviewing logs, and maintaining the integrity and use of management tools. Learn more audit best practices in today's blog.

In India, new CERT-In guidelines for security breaches have introduced new requirements for businesses to comply with, including one that requires organizations to report certain cybersecurity incidents to the office within six hours of discovery.

While research suggests cybersecurity measures are mitigating Zero Day threats more effectively, threat actors are getting better at exploiting the threats that remain. Meanwhile, cyber threats related to AI continue to emerge, and CISA is refining its incident reporting requirements. Get up to speed on these stories and more in this week's Friday Five.

Complying with International Traffic in Arms Regulations (ITAR) is key for U.S. government, manufacturers, exporters, and brokers of defense data. Learn how ITAR compliance works and what's regulated in this blog.

Data residency refers to the physical or geographical location where an organization's data is stored to servers, databases, or data centers. Learn more about data residency in today's blog.

This past week's InfoSec headlines were dominated by a high-profile, Kremlin-backed cyberattack, CISA and the OMB's new attestation form, the so-called "TikTok Bill," and more. Catch up on all the latest in this week's Friday Five!

Data auditing is the process of conducting a thorough review and analysis of a company's data to ensure its accuracy, consistency, and security. Learn more about why your organization needs to carry out data auditing in today's blog.

Nearly a decade after its initial release, the NIST has made updates to its Cybersecurity Framework. Meanwhile, President Biden issued an executive order this past week to protect Americans' privacy. Catch up on this news and more in this week's Friday Five!

Germany's Bundesdatenschutzgesetz (BDSG) has been around for decades but seen renewed attention over the past few years along with the global uptick in data privacy awareness. Learn about the data protection law and what it requires in today's blog.

While ransomware remains a persistent threat, yet another notable group was taken down this past week. Read about this encouraging development along with other top InfoSec stories in this week's Friday Five!