Tag: regulation
-
US Finalizes Rule Throttling Bulk Data Sales to China
Rule Aims to Stymie Weaponization of Americans’ Data. The U.S. federal government finalized Friday regulations throttling the bulk commercial transfer to China and Russia of data pinpointing Americans’ location, their health data, or biometric and genomic identifiers. The rule implements a February executive order from President Joe Biden. First seen on govinfosecurity.com Jump to article:…
-
HIPAA to be updated with cybersecurity regulations, White House says
The Biden administration is proposing an overhaul of the data security rules under the landmark Health Insurance Portability and Accountability Act (HIPAA).]]> First seen on therecord.media Jump to article: therecord.media/hipaa-cybersecurity-regulations-update
-
U.S. Finalizes Rule Throttling Bulk Data Sales to China
Rule Aims to Stymie Weaponization of Americans’ Data. The U.S. federal government finalized Friday regulations throttling the bulk commercial transfer to China and Russia of data pinpointing Americans’ location, their health data, or biometric and genomic identifiers. The rule implements a February executive order from President Joe Biden. First seen on govinfosecurity.com Jump to article:…
-
Year In Review: Australia Expands Cyber Regulation
2024 Marked the Government’s Increasing Role Mandating Cybersecurity. Australia announced a flurry of cybersecurity legislation and regulations in 2024, spotlighting the government’s intent to fortify the nation’s cybersecurity in the wake of the Medibank and Optus incidents. The government vowed to transform the country into the world’s most cyber-secure. First seen on govinfosecurity.com Jump to…
-
Top Cybersecurity Compliance Issues Businesses Face Today
As organizations increasingly rely on digital infrastructure, the stakes have never been higher. Cybersecurity compliance is necessary to safeguard sensitive data, maintain customer trust, and avoid costly fines. With a constantly shifting threat landscape, evolving regulations, and the rise of new technologies, businesses must prioritize cybersecurity posture improvement to stay ahead of the curve. Assura”¦…
-
How Will Health Data Privacy, Cyber Regs Shape Up in 2025?
Washington and Nevada were among states enacting new data privacy laws in 2024, and that trend among states will likely continue into 2025 as the next presidential administration comes into office promising to reduce federal regulations, said attorney Melissa Crespo of law firm Morrison Foerster. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/how-will-health-data-privacy-cyber-regs-shape-up-in-2025-i-5431
-
Biden leaves mark on four technology regulation areas
Looking back on the last four years shows how aggressive the FTC and DOJ were on M&A activity. That might be a hallmark of the Biden regulation era. First seen on techtarget.com Jump to article: www.techtarget.com/searchcio/news/366617556/Biden-leaves-mark-on-four-technology-regulation-areas
-
7 biggest cybersecurity stories of 2024
Tags: access, ai, alphv, at&t, attack, authentication, breach, business, china, cio, ciso, citrix, cloud, credentials, crowdstrike, crypto, cyber, cybercrime, cybersecurity, data, data-breach, deep-fake, detection, email, espionage, exploit, extortion, finance, google, government, group, hacking, healthcare, incident response, infection, insurance, intelligence, international, jobs, lockbit, malicious, malware, mandiant, mfa, microsoft, network, nis-2, north-korea, office, phishing, phone, privacy, ransomware, regulation, risk, risk-management, scam, service, software, strategy, tactics, technology, threat, ukraine, update, vulnerability, windowsCybersecurity headlines were plenty this year, with several breaches, attacks, and mishaps drawing worldwide attention.But a few incidents in particular had far-reaching consequences, with the potential to reshape industry protections, shake up how vendors secure customers’ systems, or drive security leaders to reassess their strategies.Longer-term trends such as increased cybersecurity regulations and the impact of…
-
2025 is going to be a bumpy year for IoT
In the Internet of Things (IoT) sector, 2025 is shaping up to be a politically charged year. Major global jurisdictions are set to implement device security regulations, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/24/iot-2025-security/
-
Feds lay blame while Chinese telecom attack continues
Opinion: Implementing new regulations amid the ongoing attack would be a massive misstep, cyber experts argue. First seen on cyberscoop.com Jump to article: cyberscoop.com/us-telecom-infrastructure-chinese-cyberattack-salt-typhoon-security-strategy/
-
Top 10 Cybersecurity Trends to Expect in 2025
The 2025 cybersecurity landscape is increasingly complex, driven by sophisticated cyber threats, increased regulation, and rapidly evolving technology. In 2025, organizations will be challenged with protecting sensitive information for their customers while continuing to provide seamless and easy user experiences. Here’s a closer look at ten emerging challenges and threats set to shape the First…
-
Italy Fines OpenAI Euro15 Million for ChatGPT GDPR Data Privacy Violations
Italy’s data protection authority has fined ChatGPT maker OpenAI a fine of Euro15 million ($15.66 million) over how the generative artificial intelligence application handles personal data.The fine comes nearly a year after the Garante found that ChatGPT processed users’ information to train its service in violation of the European Union’s General Data Protection Regulation (GDPR).The…
-
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
Tags: access, ai, authentication, best-practice, business, china, cisa, cisco, cloud, computer, control, cyber, cybersecurity, data, data-breach, email, extortion, finance, framework, fraud, google, government, guide, hacker, identity, incident, incident response, infrastructure, intelligence, international, Internet, jobs, korea, kubernetes, law, lessons-learned, linux, login, malicious, microsoft, mobile, monitoring, network, north-korea, office, password, regulation, risk, risk-management, russia, service, software, tactics, technology, threat, tool, updateCheck out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchmarks; and local and state governments’ cyber challenges. Dive…
-
The Year of Global AI and Cybersecurity Regulations: 7 GRC Predictions for 2025
As 2025 approaches, emerging regulations and laws will affect how CISOs strategize and protect their organizations. With the increasing complexity of global compliance frameworks, understanding these changes is crucial for maintaining security and operational efficiency. Let’s discuss what I expect regarding regulatory shifts and their implications in 2025 and explore what CISOs and CCOs should……
-
NYDOH Cybersecurity Regulations: What Healthcare Providers Need to Know in 2025
10 NYCRR 405.46: NY’s New Hospital Cyber Regulation Hospitals are no strangers to health data privacy laws like HIPAA. But New York’s new cybersecurity regulations take things to the next level. Finalized by the New York State Department of Health (NYDOH) in October 2024, these laws aim to fill gaps left by existing frameworks. They……
-
IAM Predictions for 2025: Identity as the Linchpin of Business Resilience
Tags: access, ai, apple, attack, authentication, banking, breach, business, cloud, compliance, corporate, credentials, crime, data, deep-fake, detection, finance, iam, identity, malicious, microsoft, mobile, office, passkey, password, privacy, regulation, resilience, risk, service, supply-chain, theft, threat, tool, vulnerabilityIAM Predictions for 2025: Identity as the Linchpin of Business Resilience madhav Thu, 12/19/2024 – 05:33 As we look toward 2025, the lessons of 2024 serve as a stark reminder of the rapidly evolving identity and access management (IAM) landscape. The numbers tell the story: The latest Identity Theft Resource Center report indicates that consumers…
-
AI Regulation Gets Serious in 2025 Is Your Organization Ready?
While the challenges are significant, organizations have an opportunity to build scalable AI governance frameworks that ensure compliance while enabling responsible AI innovation. The post AI Regulation Gets Serious in 2025 Is Your Organization Ready? appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ai-regulation-gets-serious-in-2025-is-your-organization-ready/
-
US Congressional Task Force Offers Roadmap for AI Governance
Lawmakers Urge Washington to Adapt Current Laws to Avoid Duplication. The bipartisan House Task Force on AI released a final report Tuesday urging Congress to adopt an agile, incremental approach to AI policy, avoid duplicative regulations, support AI talent pathways and ensure privacy and transparency in AI governance while addressing its growing energy demands. First…
-
Ireland fines Meta $264 million over 2018 Facebook data breach
The Irish Data Protection Commission (DPC) fined Meta Euro251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach impacting 29 million Facebook accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ireland-fines-meta-264-million-over-2018-facebook-data-breach/
-
An easy to follow NIST Compliance Checklist
We have seen how cyber attacks have disrupted organisations and businesses repeatedly. Mitigating emerging threats is crucial more than ever, and many organisations are at the forefront of combating them. One such organisation is the National Institute of Standards and Technology (NIST). NIST has released many Special Publications (SP) regulations, each containing guidelines for improving……
-
Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets
Digital license plates sold by Reviver, already legal to buy in some states and drive with nationwide, can be hacked by their owners to evade traffic regulations or even law enforcement surveillance. First seen on wired.com Jump to article: www.wired.com/story/digital-license-plate-jailbreak-hack/
-
Security leaders top 10 takeaways for 2024
Tags: access, ai, attack, automation, best-practice, breach, business, ciso, cloud, compliance, corporate, crowdstrike, cybercrime, cybersecurity, data, deep-fake, detection, email, finance, fraud, governance, group, guide, hacker, identity, incident response, infosec, ISO-27001, office, okta, phishing, privacy, programming, regulation, risk, risk-management, saas, security-incident, service, software, startup, strategy, technology, threat, tool, training, vulnerabilityThis year has been challenging for CISOs, with a growing burden of responsibility, the push to make cybersecurity a business enabler, the threat of legal liability for security incidents, and an expanding attack landscape.As the year comes to a close, CISOs reflect on some of the takeaways that have shaped the security landscape in 2024.…
-
With DORA approaching, financial institutions must strengthen their cyber resilience
The clock is ticking for financial institutions across the EU as the January 17, 2025, deadline for the Digital Operational Resilience Act (DORA) approaches. This regulation … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/16/financial-institutions-dora-requirements/
-
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions
Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-dayThe brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
-
Clearinghouse Pays $250K Settlement in Web Exposure Breach
Inmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA Breach. A breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in…