Compliance

Compliance with corporate, government and industry standards and regulations is critical to meet business goals, reduce risk, maintain trust and avoid fines. Get advice on audit planning and management; laws, standards and regulations; and how to comply with GDPR, PCI DSS, HIPAA and more.

June 14, 2022 14 Jun'22
How Russian sanctions may be helping US cybersecurity

Federal government officials say Russian sanctions decreased cyber attacks on the U.S. over the past few months but could potentially lead to significant threats down the road.
May 26, 2022 26 May'22
Twitter fined $150M for misusing 2FA data

The DOJ and FTC said the social media company misused consumers' personal data for advertisement purposes, from which it gained benefit.
March 16, 2022 16 Mar'22
Biden signs law on reporting critical infrastructure cyber attacks

President Joe Biden signed a law that requires critical infrastructure entities to report cyber attacks within 72 hours and report ransom payments in 24 hours.
February 10, 2022 10 Feb'22
Why Massachusetts' data breach reports are so high

Massachusetts discloses breaches of companies that affect just a single resident, giving the commonwealth a much larger number of 2021 incidents than other states.

Bring yourself up to speed with our introductory content

SOC 1 (System and Organization Controls 1)

System and Organization Controls 1, or SOC 1 (pronounced "sock one"), aims to control objectives within a SOC 1 process area and documents internal controls relevant to an audit of a user entity's financial statements. Continue Reading
Luhn algorithm (modulus 10)

The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers. Continue Reading
COPPA (Children's Online Privacy Protection Act )

The Children's Online Privacy Protection Act of 1998 (COPPA) is a federal law that imposes specific requirements on operators of websites and online services to protect the privacy of children under 13. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

ESG analysts discuss how to manage compliance, data privacy

ESG analysts offer three recommendations for effective data governance: good C-level and IT leadership, visibility into cloud infrastructure and understanding cloud architecture. Continue Reading
The top secure software development frameworks

Keeping security top of mind when developing software is paramount. Learn how to incorporate security into the SDLC with the top secure software development frameworks. Continue Reading
Study attests: Cloud apps, remote users add to data loss

A study from ESG found many customers attribute data loss and compliance troubles to the race to put apps in the cloud and accommodate remote workers amid the pandemic. Continue Reading

Learn to apply best practices and optimize your operations.

3 steps for CDOs to ensure data sovereignty in the cloud

Data sovereignty regulations, combined with a tsunami of data growth and increased cloud usage, have created a perfect storm that chief data officers must manage. Continue Reading
Deploy an information barrier policy for Microsoft Teams

Mistakes happen, but can be costly when they involve compliance. Office 365 information barriers can prevent inadvertent sharing to protect the organization's sensitive data. Continue Reading
How endpoint encryption works in a data security strategy

Companies should use encryption to keep data on endpoints protected should an attacker successfully get hold of a device or breach enterprise security measures. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to overcome GDPR compliance challenges

As GDPR fines and penalties increase, organizations must prioritize compliance to avoid financial and reputational damages. Learn about the top challenges and their solutions. Continue Reading
HIPAA compliance checklist: The key to staying compliant in 2020

Putting together a HIPAA compliance program can be fraught with difficulty. Review best practices and a HIPAA compliance checklist to avoid common pitfalls and pass an audit. Continue Reading
Shared responsibility model transparency boosts cloud security

The shared responsibility model delineates where company and CSP security responsibilities start and end. This is critical not only for compliance, but also the big security picture. Continue Reading