White Papers in Standards, Regulations & Compliance > General Data Protection Regulation (GDPR)

Controlling Website Vulnerabilities to Protect Against Data Leakage and Magecart

2018 saw a further increase in the frequency and complexity of cyberattacks being levelled at organizations and in several cases, resulted in high-profile customer data breaches. Global companies such as Facebook, Uber and Quora all fell victim to cyberattacks that left them facing huge financial costs and...

Website Security for the Evolving Cyber Threat Landscape

Website breaches are becoming a daily occurrence. Organizations, entrusted with millions of customer data points, are failing to protect consumers adequately and as a consequence, losing valuable data. Despite the expectation that companies should be prepared for both accidents and deliberate attacks, there is a...

Retailers: In the Cybercrime Firing Line

Retailers and ecommerce organizations are responsible for handling a wealth of customer data, including Personally Identifiable Information (PII) such as names, addresses, credit card details and passwords. However, this access to customer data makes retailers one of the biggest target groups for cybercriminals....

Maintaining Continuous Compliance with GDPR

In many ways compliance creates bureaucracy, but it doesn't need to be difficult. It is possible to maintain continual GDPR compliance without many of the headaches if done in the right ways.

Osterman Research: Best Practices for GDPR and CCPA Compliance

The extra-territorial scope of GDPR, and many other regions introducing new data protection and privacy requirements such as The California Consumer Privacy Act (CCPA), means it is essential that privacy decision makers understand the need to have a common approach to dealing with regulations - instead of addressing...

Information Security Management System (ISMS) Industry Standards: A Help Guide

With privacy laws becoming global and mainstream, the concept of "adequate security" is becoming a legal mandate across many verticals. The overlap between privacy and security calls for new ways for these two teams to collaborate, communicate more effectively, and use common tools. Use this guide to learn the...

Privacy & Security: Finding the Balance

In the past, the relationship between cybersecurity and privacy has been uneasy and even ill-defined. But today, in the post-GDPR era, the relationship is clear, and so is the legal and compliance path forward, Download this whitepaper to learn more about: The relationship between security & privacy; How...

15 Proven Tactics to Boost Customer Engagement Without Compromising Security

Email is indispensable to financial services. It's also so ubiquitous throughout society that most people take for granted that every email sent will be received almost instantaneously. This guide shares insights on what is really happening behind the scenes with the industry's most used form of communication, ways...

CISO's Guide to Compliance: Improve Security with PAM

With major data breaches in the news and high-stakes security regulations in effect - including GDPR and the NIS Directive - CISOs worldwide are scrambling to comply with IT standards and avoid hefty fines. Privileged Access Management (PAM) streamlines compliance and overlaps with the requirements of many...

Industrial Control System Security and How PAM Can Help

What makes Industrial Control Systems (ICS) so vulnerable to cyber attack? How does this impact the wider enterprise? With IoT-connected equipment and remote management on the rise, security has never been so important. Privileged Access Management (PAM) secures and controls access to critical Industrial...

GDPR & ISO 27001: Cross-Mapping PAM Requirements

Two heavyweight cybersecurity regulations, ISO 27001 and the more recent GDPR, are major concerns for CISOs and IT teams worldwide. Conveniently for CISOs and IT teams, however, the two standards have much in common. Here we offer a cross-mapping of the security requirements of each regulation, and how PAM can help...

GDPR Without the Hype

Implemented in May 2018, the General Data Protection Regulation, or GDPR, marked a colossal shift in the treatment and handling of personal data. And while the GDPR is an EU policy, its effects aren't limited to European borders.

The Regulatory Climate Around the World: Best Practices for Global Compliance

The extra-territorial scope of Europe's General Data Protection Regulation (GDPR) is much more applicable to the new global digital markets of the 21st century, and many other countries, regions and states are following the core principles of GDPR and introducing new data protection and data privacy requirements, such...

A Short Primer of GDPR Essentials

On May 25, 2018, per the General Data Protection Regulation (GDPR), organizations with business ties to the European Union needed to comply to GDPR standards. The cost of non-compliance are stiff fines. The GDPR contains nearly 100 separate and nuanced articles that can be difficult to understand even if you are a...

A Risk Manager's Guide to the GDPR

Risk managers in particular have a vested interest in ensuring their organizations are in ongoing compliance with GDPR. If you are concerned about your organization's GDPR compliance, download this guide and learn: A history and background of the GDPR; A number of noteworthy compliance indications; Six...