Compliance & Regulation

Articles

[Transcript] Attorney Sara Jodka on the GDPR and HR Data

In reviewing the transcript of my interview with Sara Jodka, I realize again how much great information she freely dispensed. Thanks Sara! The employee-employer relationship under the GDPR is a...

[Podcast] Attorney Sara Jodka on the GDPR and HR Data, Part II

In the second part of my interview with Dickinson Wright’s Sara Jodka, we go deeper into some of the consequences of internal employee data. Under the GDPR, companies will likely...

NIST 800-53: Definition and Tips for Compliance

NIST sets the security standards for agencies and contractors – and given the evolving threat landscape, NIST is influencing data security in the private sector as well. It’s structured as...

[Podcast] Attorney Sara Jodka on the GDPR and Employee HR Data, Part I

In this first part of my interview with Dickinson Wright attorney Sara Jodka, we start a discussion of how the EU General Data Protection Regulation (GDPR) treats employee data. Surprisingly,...

Canada’s PIPEDA Breach Notification Regulations Are Finalized!

While the US — post-Target, post-Sony, post-OPM, post-Equifax — still doesn’t have a national data security law, things are different north of the border. Canada, like the rest of the...

Another GDPR Gotcha: HR and Employee Data

Have I mentioned recently that if you’re following the usual data security standards (NIST, CIS Critical Security Controls, PCI DSS, ISO 27001) or common sense infosec principles (PbD), you shouldn’t...

SHIELD Act Will Update New York State’s Breach Notification Law

Those of you who have waded through our posts on US state breach notification laws know that there are very few states with rules that reflect our current tech realities....

What Experts Are Saying About GDPR

You did get the memo that GDPR goes into effect next month? Good! This new EU regulation has a few nuances and uncertainties that will generate more questions than...

[White Paper] Let Varonis Be Your EU GDPR Guide

Everyone knows that when you travel to a strange new country, you need a guide. Someone to point out the best ways to move around, offer practical tips on local...

New SEC Guidance on Reporting Data Security Risk

In our recent post on a 2011 SEC cybersecurity guidance, we briefly sketched out what public companies are supposed to be doing in terms of informing investors about risks related...
