Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session

X

Compliance & Regulation

Articles

NYDFS Cybersecurity Regulation in Plain English

In 2017, the New York State Department of Financial Services (NYDFS) launched GDPR-like cybersecurity regulations for its massive financial industry. Unusual at the state level, this new regulation includes strict...

Read More

How Varonis Helps with the California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA) is set to go into effect on January 1, 2020. It not only gives ownership and control of personal data back to the consumer...

Read More

NIST 800-171: Definition and Tips for Compliance

Do you or does a company you work with deal with the Federal Government? The National Institute of Standards and Technology (NIST) has some important information regarding your important information....

Read More

The Average Reading Level of a Privacy Policy

On May 25th, 2018 the European Union’s General Data Protection Regulation, better known as GDPR, became an enforceable law. The policy was implemented primarily to create greater transparency regarding how...

Read More

EU NIS Directive (NISD) Holds Surprises for US Online Companies

Last month, a major data security law went into effect that will impact businesses both in the EU and the US. No, I’m not talking about the General Data Protection...

Read More

[Transcript] Attorney Sara Jodka on the GDPR and HR Data

In reviewing the transcript of my interview with Sara Jodka, I realize again how much great information she freely dispensed. Thanks Sara! The employee-employer relationship under the GDPR is a...

Read More

[Podcast] Attorney Sara Jodka on the GDPR and HR Data, Part II

In the second part of my interview with Dickinson Wright’s Sara Jodka, we go deeper into some of the consequences of internal employee data. Under the GDPR, companies will likely...

Read More

NIST 800-53: Definition and Tips for Compliance

NIST sets the security standards for agencies and contractors – and given the evolving threat landscape, NIST is influencing data security in the private sector as well. It’s structured as...

Read More

[Podcast] Attorney Sara Jodka on the GDPR and Employee HR Data, Part I

In this first part of my interview with Dickinson Wright attorney Sara Jodka, we start a discussion of how the EU General Data Protection Regulation (GDPR) treats employee data. Surprisingly,...

Read More

Canada’s PIPEDA Breach Notification Regulations Are Finalized!

While the US — post-Target, post-Sony, post-OPM, post-Equifax — still doesn’t have a national data security law, things are different north of the border. Canada, like the rest of the...

Read More
 

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.