-
Privacy & Compliance
Mar 29, 2020
What is FISMA Compliance? Regulations and Requirements
FISMA is the federal government’s security requirements. If you work for or with a federal agency, read on to learn how to get (and stay) compliant.
Michael Buckbee
3 min read
-
Privacy & Compliance
Mar 29, 2020
We Need to Talk About Gramm-Leach-Bliley (GLB): The Safeguards Rule Will Be Changing!
As a blogger following data security laws and regulations, I’m occasionally rewarded with an “I told you this law would be important” moment. Earlier this month with the news that...
Michael Buckbee
6 min read
-
Privacy & Compliance
Mar 29, 2020
NYS SHIELD Act: Updates to PII, Data Security, and Breach Notification
After the devastating Equifax incident, the New York State legislature introduced the Stop Hacks and Improve Electronic Data Security or SHIELD Act in order to update the existing breach rules....
Michael Buckbee
5 min read
-
Privacy & Compliance
Mar 29, 2020
What the H**L Does Reasonable Data Security Really Mean?
For anyone who’s spent time looking at data security laws and regulations, you can’t help but come across the words “reasonable security”, or its close cousin “appropriate security”. You can...
Michael Buckbee
3 min read
-
Privacy & Compliance
Mar 29, 2020
Post-Davos Thoughts on the EU NIS Directive
I’ve been meaning to read the 80-page report published by the World Economic Forum (WEF) on the global risks humankind now faces. They’re the same folks who bring you the once...
Michael Buckbee
3 min read
-
Privacy & Compliance
Mar 29, 2020
GDPR: The Right to Be Forgotten and AI
One (of the many) confusing aspects of the EU General Data Protection Regulation (GDPR) is its “right to be forgotten”. It’s related to the right to erasure but takes in far...
Michael Buckbee
3 min read
-
Privacy & Compliance
Mar 29, 2020
NYDFS Cybersecurity Regulation in Plain English
Learn about the new NYDFS cybersecurity regulation and the rules for basic principles of data security, documentation of security policies, and much more.
Michael Buckbee
5 min read
-
Privacy & Compliance
Jun 25, 2018
How Privacy Policies Have Changed Since GDPR
In March the EU's General Data Protection Regulation went into effect. The data privacy law aims to create greater transparency around how personal data is handled. As a result of GDPR, privacy policies across the web were changed. We look at how GDPR changed the policies of some of tech's biggest names.
Rob Sobers
6 min read
-
Privacy & Compliance
May 02, 2018
Canada’s PIPEDA Breach Notification Regulations Are Finalized!
While the US — post-Target, post-Sony, post-OPM, post-Equifax — still doesn’t have a national data security law, things are different north of the border. Canada, like the rest of the...
Michael Buckbee
2 min read
-
Privacy & Compliance
Apr 12, 2018
SHIELD Act Will Update New York State’s Breach Notification Law
Those of you who have waded through our posts on US state breach notification laws know that there are very few states with rules that reflect our current tech realities....
Michael Buckbee
3 min read
-
Privacy & Compliance
Apr 20, 2017
Data Security Compliance and DatAdvantage, Part III: Protect and Monitor
At the end of the previous post, we took up the nuts-and-bolts issues of protecting sensitive data in an organization’s file system. One popular approach, least-privileged access model, is often...
Michael Buckbee
5 min read
-
Privacy & Compliance
Apr 14, 2017
Data Security Compliance and DatAdvantage, Part II: More on Risk Assessment
I can’t really overstate the importance of risk assessments in data security standards. It’s really at the core of everything you subsequently do in a security program. In this post...
Michael Buckbee
5 min read