Amidst the COVID-19 pandemic, California's attorney general on March 11 released a second modification of the proposed regulations to implement the California Consumer Protection Act. Attorney Sadia Mirza explains what's included in this "spring cleaning."
"The CCPA is just the U.S. version of the GDPR."
"If I'm compliant with the GDPR, I'm also compliant with the CCPA."
"Personal data under GDPR is the same as personal information under CCPA."
All of this common wisdom about the GDPR and CCPA is arguably false. In fact, there are numerous differences, some...
Compliance has long been a fact of life for IT and security teams. Compliance regulations originated as efforts to ensure data security and have since mushroomed into constantly changing and overwhelming challenges that consume disproportionate amounts of an organization's resources.
In this whitepaper, you'll...
To understand and illustrate the benefits, costs, and risks associated with ServiceNow, Forrester interviewed six current Governance, Risk, and Compliance customers to create a representative organization. This organization:
Performed compliance testing and reporting 70% faster
Completed vendor assessments 3 times...
From cutting costs to reducing risks and problems, there are many benefits to automating GRC.
But, what are the simplest ways to maximize value and minimize costs during implementation?
Check out the 8 simple steps for automating GRC and learn how to create a GRC roadmap that:
Scales with your...
The financial and legal penalties that could result from noncompliance make it imperative to invest in transforming outdated GRC processes.
Through continuous monitoring and automation you can improve decision making, increase performance across your organization, and respond to business risks in real-time.
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.
When large-scale data breaches started to proliferate more than a decade ago, security leaders called for end-to-end data encryption. But that approach no longer suffices, says First Data's Tim Horton, who calls for a new multilayered defense.
The EMV 3D Secure specification faces some milestone dates in Europe and the U.S. What are these milestones, and how does the standard fit into fundamental fraud defenses? Jackie Hersch of Fiserv shares insight.
After months of appeals, Facebook has agreed to pay $643,000 to settle claims that it violated U.K. privacy laws by allowing Cambridge Analytica - a now-defunct digital marketer that focused, in part, on political campaigns - to access the personal data of 87 million of its users.
Now that the deadline for all e-commerce card-based transactions in the EU to comply with the new PSD2 "strong customer authentication" requirement has officially been extended to Dec. 31, 2020, authorities are emphasizing the need to make a smooth, uniform migration to the new forms of authentication.
In today's shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors?
This session will outline the keys to third-party risk management success through a modern approach to monitoring...
All enterprises need to grant their employees access to the right digital and physical resources. They also need to digitize their businesses, protect their data, and comply with various local and global regulations.
Nexus helps resolve these identity challenges that most enterprises face, regardless of the...
There are few regulatory environments more complex and challenging than that of a large public utility serving millions of customers across several states. So when the compliance management team at one such organization required a more streamlined approach to gathering, managing, and complying with hundreds of...