Tag: law
-
When is the Right Time to Hire a CISO?
Knowing when to hire a CISO is a challenging proposition, one which most organizations will eventually need to answer. The need to hire a CISO depends on a combination of factors, including but not limited to: relevance of regulatory requirements; size of the organization; complexity of operations; sensitivity of data handled or processed; desired risk…
-
California, two other states to come down hard on GPC violators
Implement GPC signal recognition: Businesses need to update their websites and backend systems to “detect the presence of the GPC header or equivalent signals sent by browsers or browser extensions. The GPC signal is transmitted as part of the HTTP header or via JavaScript, and must be detected reliably on every relevant page where personal…
-
Three states team up in investigative sweep of companies flouting data opt-out laws
California, Colorado and Connecticut are contacting businesses that aren’t using legally mandated technology to provide consumers with universal opt-out rights. First seen on cyberscoop.com Jump to article: cyberscoop.com/states-investigative-sweep-global-privacy-control-data-privacy/
-
Chinese companies and bosses to face major fines over cybersecurity incidents
A proposed update to China’s national Cybersecurity Law would give Beijing firmer oversight over tech products while increasing penalties for companies and executives that don’t meet requirements. First seen on therecord.media Jump to article: therecord.media/china-cybersecurity-law-update-penalties-companies-executives
-
UK toughens Online Safety Act with ban on self-harm content
Tags: law
Charities welcome change, but critics warn the law is already too broad. First seen on theregister.com Jump to article: www.theregister.com/2025/09/09/selfharm_online_safety_act/
-
Understanding the EU Corporate Sustainability Due Diligence Directive (CSDDD): Why It Matters and How to Prepare
Key Takeaways: For years, European companies have faced a patchwork of national laws pushing them to take responsibility for human rights and environmental issues tied to their business operations. France passed its Duty of Vigilance law in 2017. Germany followed with the EU Supply Chain Act in 2021. Each aimed to hold companies accountable not…
-
The growing debate over expanding age-verification laws
As age- and identity-verification laws become more mainstream, this legislation could have a dire impact on privacy. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/06/the-growing-debate-over-expanding-age-verification-laws/
-
Chinese Group Accused of Using Fake U.S. Rep. Email to Spy on Trade Talks
The Chinese state-sponsored group APT41 is accused of using a fake email impersonating a U.S. representative, containing spyware and sent to government agencies, trade groups, and law firms, to gain information about U.S. strategy in trade talks with China. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/chinese-group-accused-of-using-fake-u-s-rep-email-to-spy-on-trade-talks/
-
Burger King Uses Copyright Law to Nix Security Research
Researcher Who Privately Reported Flaws Receives Legal Threat. Fresh research posted online, titled We Hacked Burger King, has disappeared faster than the purple Wednesday Whopper from the specials menu, after researcher BobDaBuilder received a DMCA takedown request on behalf of the fast food brand’s owner, multinational Restaurant Brands International. First seen on govinfosecurity.com Jump to…
-
U.S. Officials Investigating Cyber Threat Aimed at China Trade Talks
According to the Wall Street Journal, the deceptive message, purporting to come from Representative John Moolenaar, was dispatched in July to multiple U.S. trade groups, prominent law firms and government agencies. WASHINGTON, Sept. 7 (Reuters) U.S. authorities have launched an investigation into a sophisticated malware-laden email that appears to have been crafted to glean […]…
-
The growing debate over expanding age verification laws
As age and identity verification laws become more mainstream, this legislation could have a dire impact on privacy. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/06/wtf-is-going-on-with-age-verification-laws/
-
The growing debate over age verification laws
As age and identity verification laws become more mainstream, this legislation could have a dire impact on privacy. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/06/wtf-is-going-on-with-age-verification-laws/
-
How Has IoT Security Changed Over the Past 5 Years?
Experts agree there have been subtle improvements, with new laws and applied best practices, but there is still a long way to go. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/how-has-iot-security-changed-over-the-past-5-years-
-
US politicians ponder Wimwig cyber intel sharing law
US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366630326/US-politicians-ponder-WIMWIG-cyber-intel-sharing-law
-
Pressure on CISOs to stay silent about security incidents growing
Tags: access, breach, business, cio, ciso, corporate, credentials, credit-card, crowdstrike, cybersecurity, data, data-breach, email, finance, framework, group, hacker, iam, identity, incident response, insurance, law, mfa, ransomware, sap, security-incident, software, theft, threat, training
‘Intense pressure’ to keep quiet about security incidents: CSO spoke to two other former CISOs who reported pressures to stay silent about suspected security incidents. Both CISOs requested to remain anonymous due to end-of-contract confidentiality agreements made with previous employers. “While working inside a Fortune Global 500 company in Europe, I witnessed this multiple times,” one…
-
Relief for European Commission as court upholds EU Data Privacy Framework agreement with US
ex post judicial oversight by the [US Data Protection Review Court],” the judgment said. A key issue is whether the agreement achieves ‘adequacy’, the extent to which US laws offer the same level of protection as EU equivalents. “Today’s EU General Court judgement will bring relief and reassurance to the thousands of US companies and their European…
-
With less than a month to go, House panel votes to extend popular cyber programs
Ten-year extensions of a threat information sharing law and a cybersecurity grant program for states and localities won bipartisan approval in the House Homeland Security Committee. First seen on therecord.media Jump to article: therecord.media/house-homeland-committee-cyber-information-sharing-law
-
FTC fines toy manufacturer for allowing Chinese third-party to collect kids’ data
The complaint alleges that the toy manufacturer Apitor published a privacy policy saying that it complied with the Children’s Online Privacy Protection Rule, but in reality violated the law by collecting the location data from children without parental consent. First seen on therecord.media Jump to article: therecord.media/chinese-toy-manufacturer-fine-ftc-kids-data
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerability
Is your company data on the dark web? Here’s what to look for and what to do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
Disney to Pay $10 Million Over Children’s Data Privacy Violations
In a landmark settlement announced on September 2, 2025, The Walt Disney Company has agreed to pay a $10 million civil penalty to resolve allegations by the United States Department of Justice that its subsidiaries violated federal law by collecting personal data from children without parental consent. The suit, filed as Case No. 2:25-cv-08223 in…

