What does the title National Protection and Programs Directorate mean to you? It's not so clear, unless you are familiar with the Department of Homeland Security's organizational chart. To clarify its mission, the House has voted to rename - and revamp - the DHS agency.
There is a lot of frightening rhetoric coming out of the IT-security industry regarding the GDPR data protection reform adopted by the European Parliament and going into effect on May 25th, 2018. These issues of data privacy and security seem especially thorny in today's virtualized and cloud environments where...
A 10-member government-appointed committee in India has drafted a white paper that includes recommendations for components of a new data protection law. The government is seeking feedback on the report through Dec. 31.
With the advent of technology in personal healthcare - Internet-connected glucose monitors, intravenous blood pressure monitoring, personal 'best friend' emotional bots - there is a lot of highly sensitive data that is rampantly traversing the airwaves. And the impact of this data getting in the wrong hands is just...
The New York state Department of Financial Services' cybersecurity regulation - 23 NYCRR Part 500 - has been in effect for nearly a year now, and covered entities face some significant compliance milestones in 2018. This regulation puts new demands on financial institutions for security leadership, breach...
A trio of Democratic senators is pushing for passage of a U.S. national data breach notification law. Data breach expert Troy Hunt tells lawmakers that data breaches will only get worse. But will Congress, which has rejected similar measures, enact this latest proposal?
Under bipartisan legislation introduced in the Senate, federal authorities would share classified cyber threat information with state election officials. The bill also would provide grants to states to support election security efforts.
Technology lawyers for Twitter, Google and Facebook vowed before a Senate subcommittee on Tuesday to implement tighter controls on their platforms after finding Russia's disinformation and propaganda efforts on social media reached far more people in the U.S. than previously thought.
A new House bill proposes that federal regulators work with healthcare providers and insurers as well as technology firms to recommend "voluntary frameworks and guidelines" to improve the cybersecurity of medical devices. But some security experts are calling for stronger mandates.
Congress needs to elevate the position of the CISO at the Department of Health and Human Services so that the job not only has responsibilities within the agency but also an official role in helping the healthcare sector improve its cybersecurity, says Samantha Burch of HIMSS.
At the first of three Congressional hearings slated this week to examine the Equifax mega-breach, one Republican said of the company's delay in detecting the breach: "It's like the guards of Fort Knox forgot to lock the doors and failed to notice the thieves were emptying the vaults."
The latest edition of the ISMG Security Report is devoted to a special report on how enterprises around the world should prepare for the European Union's General Data Protection Regulation, which starts being enforced in May.
Equifax is facing increased scrutiny from Congress, including a bill that would mandate free credit freezes for consumers, on demand. But a true fix would require Congress to give U.S. government consumer watchdogs more power.
If the Equifax breach turns out like every other massive data breach we've seen for more than a decade, after a big brouhaha - from Congress, state attorneys general, consumer rights groups and class-action lawsuits - nothing will change, because that would require Congress to give Americans more privacy rights.