CSO and Data privacy - Cyber Security Informer

Minnesota Passes Data Privacy Law, Joining Growing State Movement

SecureWorld News

MAY 21, 2024

On May 19, 2024, Minnesota officially joined the ranks of states enacting robust data privacy protections for consumers. The Minnesota Consumer Data Privacy Act (HF 4757 / SF 4782) was approved by the state legislature and is headed to the governor's desk for expected signature into law.

Data privacy

Data privacy CISO Small Business CSO

CSO's ultimate guide to security and privacy laws, regulations, and compliance

CSO Magazine

JANUARY 28, 2021

CSO's ultimate guide to security and privacy laws, regulations, and compliance Security and privacy laws, regulations, and compliance: The complete guide This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. Massachusetts Bill H.4806

CSO

CSO Financial Services Consumer Protection Data privacy

EU parliamentary committee says 'no' to EU-US data privacy framework

CSO Magazine

FEBRUARY 17, 2023

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has recommended that the European Commission reject the proposed EU-US Data Privacy Framework, which would govern the way in which the personal information of EU citizens is handled by US companies.

Data privacy

Data privacy Government

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Data Privacy Is in 23andMe CSO's DNA

Dark Reading

JUNE 25, 2021

We're hiding data even from ourselves," says the biotech and genetic testing company's head of security. How serious is the company about safeguarding its customers and their genetic information?

CSO

CSO Data privacy

LightBeam launches data privacy automation platform to streamline compliance

CSO Magazine

APRIL 6, 2022

Data privacy automation company LightBeam.ai has launched a new AI-powered data privacy automation platform designed to help organizations streamline compliance.

Data privacy

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

Security Boulevard

FEBRUARY 26, 2025

Employment screening company DISA says data of 3.3 million people was exposed in a data breach lasts year, prompting AppOmni CSO Cory Michal to say that data collection companies like DISA and National Public Data need more oversight, regulations, and penalties.

CSO

CSO Data collection Data breaches Social Engineering

Data privacy: Collect what you need, protect what you collect

CSO Magazine

AUGUST 1, 2022

Having CISOs participating in the discussions on what data is necessary for an app to function is table stakes. They should have a say in how that data is parsed to determine how it must be protected to remain in compliance with privacy laws.

Data privacy

Data privacy CISO Marketing Risk

China's PIPL privacy law imposes new data handling requirements

CSO Magazine

AUGUST 30, 2021

As part of the country's growing scrutiny over the tech sector, China enacted on August 21 a sprawling and comprehensive data privacy law, the Personal Information Protection Law (PIPL), which goes into effect on November 1, 2021.

Data privacy

In-app browser security risks, and what to do about them

CSO Magazine

SEPTEMBER 6, 2022

In-app browsers can pose significant security risks to businesses, with their tendency to track data a primary concern. This was highlighted in recent research which examined how browsers within apps like Facebook, Instagram and TikTok can be a data privacy risk for iOS users.

Risk

Risk Data privacy Passwords

Concentric launches new data privacy and cybersecurity solution Eclipse

CSO Magazine

JULY 12, 2022

Private risk consultancy firm Concentric has announced the launch of Eclipse, a new “turnkey solution” designed to provide enhanced cybersecurity and digital privacy to users.

Data privacy

Data privacy Cybersecurity Cybercrime Accountability

How GDPR has inspired a global arms race on privacy regulations

CSO Magazine

APRIL 7, 2022

With many jurisdictions embracing EU-style privacy rules in line with the European Union’s GDPR , such as mandatory data-protection impact assessments, data privacy officers, and notification to individuals and regulators in the event of a data security breach, compliance is increasingly complex and an increasing burden for organizations.

Data privacy

CPRA explained: New California privacy law ramps up restrictions on data use

CSO Magazine

DECEMBER 26, 2022

On January 1, 2023, 20, the California Privacy Rights Act (CPRA) will go into effect. Approved by ballot measure as Proposition 24 in November 2020, it created a new consumer data privacy agency and put California another step ahead of other states in terms of privacy productions for consumers—and data security requirements for enterprises.

Data privacy

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

Prior to launching CyberSaint, Wrenn was CSO of Schneider Electric, a supplier of technologies used in industrial control systems. The CSF’s core principles have been incorporated into Europe’s GDPR , NYDFS’s cybersecurity requirement s, California’s Consumer Privacy Act and Ohio’s Data Protection Act.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Risk

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Security Boulevard

MARCH 7, 2025

Those stats come from ISACAs Tech Workplace and Culture 2025 report, which is based on a survey of about 7,700 of its members who work in IT areas such as information security, governance, assurance, data privacy and risk management.

Cybersecurity

Cybersecurity Scams CSO Risk

Virginia data protection bill signed into law

CSO Magazine

MARCH 5, 2021

On March 2, Virginia's Democratic Governor Ralph Northam signed into law the nation's second major piece of state legislation that governs consumer data privacy and protection. Virginia's Consumer Data Protection Act (CDPA) follows the California Consumer Privacy Act (CCPA) , which went into effect on January 1, 2020.

Data privacy

Data privacy Government

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

At that time generative AI was not a major consideration and novel privacy-preserving techniques (PPT) were not featured heavily on a CSO 5yr budgetary plan. The responsible use of GenAI, and adoption of PPT play a crucial role in aligning with DORA legislation while safeguarding sensitive data. The world has changed.

Encryption

Encryption Risk Data privacy Artificial Intelligence

How to prepare for a SOC 2 audit – it’s a big deal, so you’d better get ready

CSO Magazine

NOVEMBER 7, 2022

Organizations that want to prove to others – and to themselves – that they have a solid cybersecurity and data privacy program will undergo a SOC 2 audit. As such, a SOC 2 audit is a big deal, and it’s demanding, and it requires some serious preparation.

Data privacy

Data privacy Cybersecurity

India drafts new privacy bill for transfer of personal data internationally

CSO Magazine

NOVEMBER 18, 2022

The Indian federal government on Friday published a new draft of data privacy laws that would allow personal data transfer to other nations under certain conditions, and impose fines for breaches of data-transfer and data-collection regulations. The proposed legislation has been in the works for about four years.

Data collection

Data collection Data privacy Banking Government

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

SecureWorld News

JUNE 26, 2023

It will be interesting to watch how the SEC navigates this next stage and its broader impact on the approach by executives in managing cyber risk."

CISO

CISO CSO Data privacy Cyber Risk

CDPSE certification: Requirements, exam, and cost

CSO Magazine

SEPTEMBER 2, 2021

The Certified Data Privacy Solutions Engineer (CDPSE) certification focuses on the implementation of privacy solutions, from both a technical and governance perspective. What is the CDPSE certification?

Engineering

Engineering Data privacy Government Marketing

BrandPost: Staying ahead of evolving consumer privacy regulations

CSO Magazine

APRIL 17, 2023

In November of 2020, California voters approved an amendment to the CCPA which increased consumer data privacy protections. Even more critically, the CCPA grants consumers the right to opt out of the selling and sharing of their personal information. These protections only recently went into effect in January of 2023.

Data privacy

Italian privacy regulator bans ChatGPT over collection, storage of personal data

CSO Magazine

MARCH 31, 2023

Italy’s data privacy regulator has banned ChatGPT over alleged privacy violations relating to the chatbot’s collection and storage of personal data.

Data privacy

Data privacy Risk

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

(TechTarget) Buffer Overflow Attacks Explained (Tech Sky) 2 - Europol to banks: Prepare for quantum computing threat Financial institutions in Europe must get ready to face the cyberthreat that quantum computers will pose to data security and data privacy when these powerful systems become widely available.

Banking

Banking Cybercrime Cybersecurity Ransomware

Why the modern CISO should plan for greater Cybersecurity Regulations in the Biden Era

SC Magazine

MARCH 25, 2021

Achieve Compliance and Data Privacy Regulation Standardization at the Federal Level. James Carder, CSO, LogRhythm. In March 2021, President Biden signed the $1.9 In order to stay ahead of the curve, they should keep a close eye on the renewed legislative discussions and high-profile breaches.

CISO

CISO Cybersecurity CSO Government

BrandPost: Safe at Any Speed: Formalizing Consumer Privacy Risk Management

CSO Magazine

MARCH 22, 2022

As regulators and legislators consider new approaches to addressing consumer privacy, CISO s and colleagues in technology and consumer products companies that use personal data should reconsider how they’re balancing their management of data privacy risks and the need for speed.

Risk

Risk Data privacy CISO Technology

ChatGPT returns to Italy after OpenAI tweaks privacy disclosures, controls

CSO Magazine

MAY 1, 2023

OpenAI has relaunched ChatGPT in Italy after making changes requested by the country's data privacy regulator.

Data privacy

What is Traffic Light Protocol? Here's how it supports CISOs in sharing threat data

CSO Magazine

FEBRUARY 22, 2023

The protocol was developed so that recipients of threat data could assess its sensitivity and determine how to share it with others, without giving any aid to the bad actors, revealing personal data, or running afoul of data privacy regulations. To read this article in full, please click here

CISO

CISO System Administration Data privacy

Crazy quilt of state privacy laws could cost businesses $1 trillion

CSO Magazine

JANUARY 31, 2022

Allowing the states to regulate data privacy could cost businesses more than $1 trillion in the next 10 years, according to a new study by the Information Technology & Innovation Foundation.

Data privacy

Data privacy Technology

Security Teams Lean Into AI As Cyber Worker Shortage Persists

The Security Ledger

JULY 22, 2024

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk Episode 256: Recursive Pollution? Data Feudalism? The post Security Teams Lean Into AI As Cyber Worker Shortage Persists appeared first on The Security Ledger with Paul F. Related Stories China Calls Out U.S. For Hacking. Gary McGraw On LLM Insecurity

Artificial Intelligence

Artificial Intelligence CSO Hacking Risk

At Nebraska Event, FBI Calls Out Cyber Threats To Agriculture

The Security Ledger

AUGUST 7, 2024

Related Stories Cyber Attack Halts Production at Ag Equipment Maker AGCO Fendt Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk China Calls Out U.S. The post At Nebraska Event, FBI Calls Out Cyber Threats To Agriculture appeared first on The Security Ledger with Paul F. For Hacking.

Cyber threats

Cyber threats CSO Cyber Attacks Cyber Risk

The top 12 tech stories of 2022

CSO Magazine

DECEMBER 26, 2022

The technology sector's vulnerability to the vagaries of geopolitics and the macroeconomy became clearer than ever in 2022, as IT giants laid off workers en masse, regulators cracked down on tech rule-breakers, nations negotiated data privacy, the EU-China chip war widened, and the Ukraine war disrupted business as usual.

Data privacy

Data privacy Technology Cybersecurity

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

The Security Ledger

MAY 13, 2023

Related Stories Spotlight: Traceable CSO Richard Bird on Securing the API Economy Episode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain Security Forget the IoT. The post Episode 250: Window Snyder of Thistle on. Read the whole entry. » » Click the icon below to listen.

IoT

IoT Internet Internet Technology

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

Faulkner was joined by Sarah Buerger, BISO, The Kraft Heinz Company; Mike Zachman, VP & CSO, Zebra Technologies; and Lynn Dohm, Executive Director, Women in CyberSecurity (WiCyS), who artfully moderated the panel discussion.

Cybersecurity

Cybersecurity CISO InfoSec Risk

Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn

Security Boulevard

OCTOBER 16, 2022

Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for […].

Passwords

Passwords CSO Hacking Accountability

Microsoft’s EU data boundary plan to take effect Jan. 1

CSO Magazine

DECEMBER 15, 2022

Microsoft on Thursday said it will begin rolling out the first phase of its European Union data boundary plan from January 1, 2023 that’ll allow customers to store and process their customer data within the EU. Microsoft has included Azure, Power BI, Dynamics 365 and Office 365 under the first phase.

Data privacy

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

You can enable root access, but you have to jump through a lot of security hoops just to activate it,” noted Terry Dunlap, CSO and co-founder at ReFirm Labs. All sensitive data should only be stored for the amount of time required and in accordance with any data privacy policies,” said Smith.

Surveillance

Surveillance IoT Accountability Passwords

BrandPost: What’s Missing in Most CISO’s Security Risk Management Strategies

CSO Magazine

SEPTEMBER 23, 2022

When talking about risk in the IT world, we mainly talk about data, with terms like data privacy, data leakage and data loss. But there is more to cybersecurity risk than just protecting data. Individuals and organizations often think about risk in terms of what they’re trying to protect.

Risk

Risk Data privacy CISO Cybersecurity

Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT

The Security Ledger

JUNE 29, 2023

Click the icon below to listen. Related Stories Episode 250: Window Snyder of Thistle on Making IoT Security Easy Forget the IoT. Video Podcast ] | [ MP3 ] | [ Transcript ] The Internet of Things is growing – and fast.

IoT

IoT Internet Internet CSO

New SEC Rules Require Breach Disclosure within Four Days

eSecurity Planet

JULY 27, 2023

.” Also read: Network Protection: How to Secure a Network National Data Privacy Law Still Needed Traceable AI CSO Richard Bird said the new rules are an insufficient response to a much larger problem. “But breach notices are not security – and never will be.”

Data privacy

Data privacy Risk Government Cyber threats

U.S. data privacy and security solutions emerging at the federal level

CSO Magazine

JUNE 23, 2022

states have enacted strict privacy laws, the United States still lacks a comprehensive federal privacy statute, a vacuum that has fueled what many observers argue is a culture of “surveillance capitalism.” Although a handful of U.S.

Data privacy

Data privacy Surveillance

U.S., EU reach preliminary data privacy agreement

CSO Magazine

MARCH 25, 2022

and the European Union (EU) have a preliminary agreement over the storing of European data on U.S. If successful, the data agreement would resolve a significant point of contention in U.S.-EU EU relations since a previous deal regulating trans-Atlantic data flows – Privacy Shield – was deemed illegal by the EU’s top court in 2020.

Data privacy

Data privacy Surveillance Government

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

The future of the American Privacy Rights Act (APRA), proposed as a federal framework to unify data privacy standards, is now uncertain. States like New Jersey, Tennessee, and Minnesota are developing comprehensive data privacy laws that emphasise data transparency, risk assessments, and consumer protection.

Cybersecurity

Cybersecurity CISO Insurance IoT

European Commission takes step toward approving EU-US data privacy pact

CSO Magazine

DECEMBER 13, 2022

The European Commission announced Tuesday that is has officially begun the process of approving the EU-US Data Privacy Framework—hammered together to allow the flow of data between the US and the European Union—after concluding that the framework provides privacy safeguards comparable to those of the EU.

Data privacy

Managing security in the spotlight: TikTok’s CSO Roland Cloutier to kick off InfoSec World

SC Magazine

JUNE 4, 2021

He joined TikTok, the world’s most popular app with some 1 billion downloads annually, when the company came under scrutiny i n the United States over security and data privacy issues that emerged with the discovery of vulnerabilities within the app, as well as concerns about ties between Chinese parent ByteDance and the Chinese government.

CSO

CSO InfoSec Government Media

Minnesota Passes Data Privacy Law, Joining Growing State Movement

CSO's ultimate guide to security and privacy laws, regulations, and compliance

Webinars

Trending Sources

EU parliamentary committee says 'no' to EU-US data privacy framework

Webinars

Data Privacy Is in 23andMe CSO's DNA

LightBeam launches data privacy automation platform to streamline compliance

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

Data privacy: Collect what you need, protect what you collect

China's PIPL privacy law imposes new data handling requirements

In-app browser security risks, and what to do about them

Concentric launches new data privacy and cybersecurity solution Eclipse

How GDPR has inspired a global arms race on privacy regulations

CPRA explained: New California privacy law ramps up restrictions on data use

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Virginia data protection bill signed into law

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

How to prepare for a SOC 2 audit – it’s a big deal, so you’d better get ready

India drafts new privacy bill for transfer of personal data internationally

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

CDPSE certification: Requirements, exam, and cost

BrandPost: Staying ahead of evolving consumer privacy regulations

Italian privacy regulator bans ChatGPT over collection, storage of personal data

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Why the modern CISO should plan for greater Cybersecurity Regulations in the Biden Era

BrandPost: Safe at Any Speed: Formalizing Consumer Privacy Risk Management

ChatGPT returns to Italy after OpenAI tweaks privacy disclosures, controls

What is Traffic Light Protocol? Here's how it supports CISOs in sharing threat data

Crazy quilt of state privacy laws could cost businesses $1 trillion

Security Teams Lean Into AI As Cyber Worker Shortage Persists

At Nebraska Event, FBI Calls Out Cyber Threats To Agriculture

The top 12 tech stories of 2022

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn

Microsoft’s EU data boundary plan to take effect Jan. 1

Camera tricks: Privacy concerns raised after massive surveillance cam breach

BrandPost: What’s Missing in Most CISO’s Security Risk Management Strategies

Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT

New SEC Rules Require Breach Disclosure within Four Days

U.S. data privacy and security solutions emerging at the federal level

U.S., EU reach preliminary data privacy agreement

Key Cybersecurity Trends for 2025. My Predictions

European Commission takes step toward approving EU-US data privacy pact

Managing security in the spotlight: TikTok’s CSO Roland Cloutier to kick off InfoSec World

Stay Connected