Tag: regulation

25 on 2025: APAC security thought leaders share their predictions and aspirations

Jan 22, 2025 8:22 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, business, ciso, cloud, compliance, control, cryptography, csf, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, data-breach, deep-fake, detection, disinformation, encryption, endpoint, exploit, extortion, finance, framework, fraud, government, group, hacking, Hardware, identity, incident, incident response, infrastructure, injection, intelligence, international, iot, malicious, malware, microsoft, monitoring, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, scam, service, skills, social-engineering, software, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, update, vulnerability, warfare, zero-trust

As threat actors and security teams harness the growing potential of artificial intelligence (AI), who will prevail? From generative AI (GenAI) to agentic AI, we look through the lens of 25 of Asia-Pacific’s thought leaders in security and dive into their predictions and goals for the year. src=”https://b2b-contenthub.com/wp-content/uploads/2025/01/Athikom.jpg?quality=50&strip=all” alt=”athikom” loading=”lazy” width=”400px”>Athikom Kanchanavibhu Chief Information Security…
The Quiet Rise of the ‘API Tsunami’

Jan 22, 2025 8:22 PM

Tags: access, api, attack, authentication, breach, business, cloud, compliance, control, data, data-breach, encryption, endpoint, finance, GDPR, healthcare, HIPAA, infrastructure, law, leak, mail, malicious, mfa, mobile, monitoring, network, privacy, programming, regulation, risk, security-incident, service, threat, tool, unauthorized, update, vulnerability

As enterprises increasingly adopt cloud-native architectures, microservices, and third-party integrations, the number of Application Programming Interfaces (APIs) has surged, creating an “API tsunami” in an organization’s infrastructure that threatens to overwhelm traditional management practices. As digital services proliferate, so does the development of APIs, which allow various applications to communicate or integrate with each other…
Security chiefs whose companies operate in the EU should be exploring DORA now

Jan 22, 2025 7:22 AM

Tags: attack, business, ciso, compliance, conference, corporate, cyber, cybersecurity, data, detection, dora, finance, framework, GDPR, incident, network, regulation, resilience, risk, service, technology, threat, vulnerability

If your enterprise operates in Europe, you should care about the Digital Operational Resilience Act (DORA), which took effect on January 17. DORA, also known as Directive (EU) 2022/2555 of the European Parliament, aims to enhance and build the EU’s cybersecurity capabilities and it has been hanging like the Sword of Damocles over the heads…
GDPR Compliance in the US: Checklist and Requirements

Jan 22, 2025 5:22 AM

Tags: compliance, data, GDPR, international, regulation
Three Keys to Modernizing Data Security: DSPM, AI, and Encryption

Jan 21, 2025 10:22 PM

Tags: access, ai, automation, best-practice, business, cloud, compliance, container, control, cyber, cybercrime, data, data-breach, detection, encryption, GDPR, incident response, infrastructure, privacy, regulation, risk, saas, security-incident, skills, software, strategy, threat, tool, vulnerability

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption andrew.gertz@t“¦ Tue, 01/21/2025 – 14:56 Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over…
Privacy Roundup: Week 3 of Year 2025

Jan 20, 2025 7:22 PM

Tags: access, ai, android, apt, blockchain, breach, cctv, china, computer, cve, cyber, cybersecurity, data, detection, email, exploit, finance, firmware, github, google, group, guide, leak, malicious, malware, microsoft, phishing, privacy, regulation, router, scam, service, smishing, social-engineering, software, technology, threat, tool, update, virus, vulnerability, windows

This is a news item roundup of privacy or privacy-related news items for 12 JAN 2025 – 18 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

Jan 18, 2025 12:22 AM

Tags: business, china, data, group, privacy, regulation

noyb files complaints against TikTok, AliExpress, and other Chinese companies for illegal EU user data transfers to China, violating data protection laws. Austrian privacy non-profit group None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully…
DORA Takes Effect: Financial Firms Still Navigating Compliance Headwinds

Jan 17, 2025 10:55 AM

Tags: compliance, dora, finance, regulation

The EU’s DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dora-financial-firms-compliance/
Large Language Models and Regulations: Navigating the Ethical and Legal Landscape

Jan 15, 2025 2:02 PM

Tags: business, regulation

Leverage the full potential of Large Language Models (LLMs) for your business while staying compliant. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/large-language-models-and-regulations-navigating-the-ethical-and-legal-landscape/
Biden Issues Final Maritime Cybersecurity Rules

Jan 14, 2025 10:02 PM

Tags: attack, china, cyber, cybersecurity, incident, incident response, regulation

White House Mandates Cyber Incident Response Plans Amid Growing Chinese Threat. Federal regulations unveiled Tuesday require the U.S. maritime industry to implement baseline cybersecurity measures amid concerns over exposure to attacks from adversaries such as China. The rules mandate cybersecurity plans and clearly-defined cyber positions in ports and maritime facilities. First seen on govinfosecurity.com Jump…
Fifteen Best Practices to Navigate the Data Sovereignty Waters

Jan 14, 2025 9:46 AM

Tags: access, attack, automation, awareness, backup, best-practice, breach, cloud, compliance, computer, computing, container, control, country, crypto, cybersecurity, data, encryption, governance, iam, identity, international, law, least-privilege, monitoring, network, privacy, ransomware, regulation, resilience, risk, security-incident, service, software, strategy, threat, tool, unauthorized, update, zero-trust

Fifteen Best Practices to Navigate the Data Sovereignty Waters josh.pearson@t“¦ Tue, 01/14/2025 – 08:04 Data sovereignty”, the idea that data is subject to the laws and regulations of the country it is collected or stored in”, is a fundamental consideration for businesses attempting to balance harnessing the power of data analytics, ensuring compliance with increasingly…
CISOs embrace rise in prominence, with broader business authority

Jan 13, 2025 11:26 AM

Tags: ai, attack, business, ceo, cio, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, data, governance, healthcare, infrastructure, intelligence, network, privacy, regulation, risk, risk-management, security-incident, strategy, technology, threat, update

It’s a familiar refrain: As cybersecurity has become a core business priority, it is no longer a siloed operation, and the responsibilities of CISOs have grown, giving them greater prominence within the organization.According to CSO’s 2024 Security Priorities Study, 72% of security decision-makers say their role has grown to include additional responsibilities over the past…
2025 Cybersecurity and AI Predictions

Jan 11, 2025 11:42 AM

Tags: access, ai, api, attack, backdoor, backup, browser, business, chrome, communications, compliance, control, corporate, crowdstrike, crypto, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, exploit, finance, firmware, flaw, framework, fraud, GDPR, hacker, Hardware, identity, intelligence, international, korea, LLM, malicious, mitigation, monitoring, network, open-source, privacy, regulation, resilience, risk, risk-assessment, scam, service, skills, supply-chain, switch, technology, threat, tool, training, unauthorized, vulnerability

The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
SEC rule confusion continues to put CISOs in a bind a year after a major revision

Jan 10, 2025 8:18 AM

Tags: attack, breach, business, ciso, citrix, compliance, control, cyber, cyberattack, cybersecurity, data, government, incident, incident response, law, network, privacy, regulation, risk, security-incident, software, strategy, supply-chain

Confusion around when and how to report cybersecurity breaches continues to plague companies a year after revised US Securities and Exchange Commission (SEC) cybersecurity breach reporting rules came into effect, experts say.As the agency that regulates and enforces federal US securities laws continues to flex its enforcement muscles against organizations that violate the strict rules,…
8 Cyber Predictions for 2025: A CSO’s Perspective

Jan 10, 2025 1:18 AM

Tags: access, ai, attack, authentication, business, ceo, ciso, cloud, compliance, computing, control, credentials, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, encryption, exploit, extortion, firewall, framework, governance, group, hacker, hacking, healthcare, identity, intelligence, international, law, leak, malicious, mfa, microsoft, network, north-korea, organized, phishing, privacy, ransom, ransomware, regulation, risk, risk-management, service, social-engineering, software, strategy, supply-chain, theft, threat, tool, update, wifi, zero-trust

As we step into 2025, the cyberthreat landscape is once again more dynamic and challenging than the year before. In 2024, we witnessed a remarkable acceleration in cyberattacks of all types, many fueled by advancements in generative AI. For security leaders, the stakes are higher than ever. In this post, I’ll explore cyberthreat projections and…
European Court Fines European Commission for Privacy Breach

Jan 9, 2025 8:19 AM

Tags: breach, privacy, regulation, technology

Transfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
European Court Fines European Commission for Privacy Violation

Jan 9, 2025 1:18 AM

Tags: privacy, regulation, technology

Transfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
European Court Fines European Commission for GDPR Violation

Jan 8, 2025 11:18 PM

Tags: GDPR, privacy, regulation, technology

Transfer of German Man’s IP Address Wins Him 400 Euros. European privacy regulation – bane of American technology companies and a favorite cudgel of activists – came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.…
Court orders European Commission to pay its first-ever GDPR fine

Jan 8, 2025 6:18 PM

Tags: data, GDPR, privacy, regulation

A German citizen will receive Euro400 from the European Commission for a violation of the General Data Privacy Regulation (GDPR), the first time the EU’s executive arm will pay such a fine.]]> First seen on therecord.media Jump to article: therecord.media/european-commission-pays-gdpr-fine-german-citizen
The biggest data breach fines, penalties, and settlements so far

Jan 8, 2025 9:18 AM

Tags: access, apache, attack, breach, business, china, ciso, communications, compliance, control, credentials, credit-card, cyberattack, cybercrime, cybersecurity, data, data-breach, email, finance, flaw, framework, GDPR, google, hacker, Hardware, identity, Internet, law, leak, linkedin, microsoft, mobile, monitoring, network, office, phone, privacy, regulation, risk, service, software, technology, tool, training, update, vulnerability

Sizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data.Hit with a $ 1.3 billion fine for unlawfully transferring personal data from the European Union to the US, Meta tops the list of recent big-ticket sanctions, with one…
IoT’s Regulatory Reckoning Is Overdue

Jan 6, 2025 9:17 PM

Tags: compliance, iot, regulation

New security regulations are more than compliance hurdles, they’re opportunities to build better products, restore trust, and lead the next chapter of innovation. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/iot-regulatory-reckoning-overdue
More telecom firms were breached by Chinese hackers than previously reported

Jan 6, 2025 2:18 PM

Tags: access, at&t, attack, breach, china, cisco, communications, cyber, cyberespionage, cybersecurity, data, defense, disinformation, espionage, exploit, finance, fortinet, framework, government, group, hacker, Hardware, infrastructure, intelligence, international, microsoft, mobile, network, phone, regulation, risk, risk-management, router, spy, technology, threat, vulnerability

Chinese hackers linked to the Salt Typhoon cyberespionage operation have breached even more US telecommunications firms than initially reported.New victims, Charter Communications, Consolidated Communications, and Windstream, add to a growing list that already includes AT&T, Verizon, T-Mobile, and Lumen Technologies.Earlier, the US authorities informed that nine telecom firms have been affected by the Chinese espionage…
More stringent drone regulations proposed

Jan 3, 2025 9:19 PM

Tags: regulation

First seen on scworld.com Jump to article: www.scworld.com/brief/more-stringent-drone-regulations-proposed
Exit interview: FCC’s Jessica Rosenworcel discusses her legacy on cybersecurity, AI and regulation

Jan 3, 2025 8:18 PM

Tags: ai, china, cybersecurity, network, regulation

The outgoing chair weighs in on how the FCC has addressed newer technologies, efforts to respond to Chinese intrusions into U.S. telecom networks, and regulating AI in political ads. First seen on cyberscoop.com Jump to article: cyberscoop.com/fcc-jessica-rosenworcel-exit-interview-legacy-cybersecurity-ai/
Proposed HIPAA Amendments Will Close Healthcare Security Gaps

Jan 3, 2025 3:19 PM

Tags: authentication, control, cybersecurity, healthcare, HIPAA, mfa, network, privacy, regulation, threat

The changes to the healthcare privacy regulation with technical controls such as network segmentation, multi-factor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/proposed-hipaa-amendments-close-healthcare-security-gaps
DORA Regulation (Digital Operational Resilience Act): A Threat Intelligence Perspective

Jan 2, 2025 11:18 PM

Tags: dora, intelligence, regulation, resilience, threat

The Digital Operational Resilience Act (DORA) is coming in 2025. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/dora-regulation-digital-operational-resilience-act-a-threat-intelligence-perspective/
Cybersecurity regulations in 2025: Key insights from top industry experts

Jan 2, 2025 9:17 PM

Tags: cybersecurity, regulation

First seen on scworld.com Jump to article: www.scworld.com/feature/how-will-rules-and-regulations-affect-cybersecurity-and-ai-in-2025
Tighter regulations proposed for foreign IT in drones used in US

Jan 2, 2025 7:17 PM

Tags: china, regulation, risk, technology

The Bureau of Industry and Security wants public feedback on how information technology in drones could pose a national security risk, particularly from adversaries such as China and Russia.]]> First seen on therecord.media Jump to article: therecord.media/proposed-drone-supply-chain-regulation-commerce-department
Why ISMS Policies Are Crucial for Compliance in Cybersecurity?

Dec 31, 2024 3:27 PM

Tags: compliance, cyber, cybersecurity, finance, government, regulation, threat

In 2025, the cybersecurity landscape will continue to evolve rapidly, driven by increasing cyber threats and technological advancements. As governments and regulatory bodies implement stricter cybersecurity regulations, businesses will face pressure to ensure compliance. Failing to meet these standards could result in severe penalties, financial losses, and reputational damage. This blog will explore the key……
Regulations, security, and remote work: Why network outsourcing is booming

Dec 31, 2024 6:27 AM

Tags: ai, network, regulation, service

A growing number of enterprises in the US are adopting managed network services to support AI and other new technologies across increasingly complex networks, according to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/31/enterprise-networking-risks/