The nation’s most stringent data protection law (so far), the California Consumer Privacy Act of 2018 takes effect Jan. 1, 2020— and it’s generating a lot of buzz. Businesses from coast to coast are girding themselves for sweeping changes in how they collect, share, and protect California residents’ personal information. With the deadline for compliance right around the corner, GRC professionals have a lot of work to do. ZenGage, the new Slack community for information security and GRC professionals, recently hosted CCPA expert Dr. Maxine Henry, in its first #AMA (Ask Me Anything) live Slack chat series. In this candid discussion, Dr. Henry answers a broad range of questions, starting with the rights that the CCPA grants to California residents,…
Increased data breaches at institutions of higher education mean that colleges and universities need cybersecurity lessons before earning an F.
While not all state laws apply to higher education, institutions can benefit from reviewing the data security controls necessary for cloud migration.
The unique cybersecurity risks facing the oil and gas industry involve focusing on the Internet of Things, operational technology, and information technology.
A cybersecurity risk assessment in the manufacturing industry needs to focus on Supervisory Control Data Acquisition Systems (SCADA).
The difference between business continuity and disaster recovery is the difference between how you keep things running and how you get things back to normal.
Insight On Evolving Practices: Secure Controls Framework (SCF) Hackers share information on attack methods with other hackers, so why shouldn’t the good guys share information on how to best protect an organization? That concept led a coalition of cybersecurity and privacy experts to take action and make a difference. The result is the Secure Controls Framework (SCF). The SCF is focused on helping companies become and stay compliant with a vast array of cybersecurity and privacy requirements. The glue that ties Governance, Risk and Compliance (GRC) together is a uniform set of controls. The goal of the SCF is to provide a free solution to businesses that addresses cybersecurity and privacy control guidance to cover the strategic, operational and tactical…