Everything You Need to Know About China’s Cybersecurity Law

In this article, we'll answer some of the most common questions about the CSL, and make compliance goals as clear as possible. …

Does HIPAA Compliance Actually Help Protect Sensitive Data?

Back in 2009, the Health Insurance Portability and Accountability Act (HIPAA) was combined (or updated) with the Health Information Technology for Economic and Clinical Health Act (HITECH) to increase its strictness in line with social and technological advances. Despite this, many still claim that HIPAA does not go far enough to secure patient data, and the increasing regularity with which we see …

California Consumer Privacy Act (CCPA) vs. GDPR: What’s the Difference?

Data security and data privacy regulations are increasing in number, strictness and complexity year upon year. For many governing bodies, the necessity for data protection and the privacy of the individual is a major priority. Any organization that deals with sensitive information (Personally Identifiable Information or other confidential data) is likely to fall under one or more of these …

How IT Governance can help with your cyber security concerns

Cyber security is a complex topic, so we wouldn’t be surprised if you had questions about what your organisation should be doing. The threat of data breaches grows each year, organisations process more information than ever and the regulatory landscape is becoming a minefield to navigate. Fortunately, IT Governance’s team of experts has the answers, and our extensive range of …

Is GDPR Working? Rise in Reported Data Breaches Suggests So

Over the last year we have seen a dramatic rise in the number of data breaches being reported to the ICO under the General Data Protection Regulation (GDPR). Since the GDPR took effect in May of 2018, it seems that awareness over cybersecurity issues and the obligations organizations have to report breaches has increased. We can see that this increase is reflected in the statistics. The Irish …

GDPR Overview: Complying with EU Laws for Personal Data

With the EU’s General Data Protection Regulation (GDPR) now in effect, GDPR preparedness should be top of mind for businesses everywhere, not just those based in the European Union (EU). This guide will take you through the basics of GDPR, including the seven principles that drive regulation and enforcement. …

Most Organizations Still Not GDPR Compliant – Here’s Why

A recent Forrester report titled “Security Through Simplicity” surveyed 481 IT security decision makers regarding their GDPR readiness. Surprisingly, according to the study, most of the organizations surveyed had not carried out fundamental steps towards GDPR compliance. A small caveat here. The December study was commissioned in August but wasn’t completed until September – well after the GDPR …

GDPR Questions: What is the Right to be Forgotten?

The “Right to be Forgotten” (RTBF) may be a much talked about feature of the EU General Data Protection Regulation (GDPR), but it actually existed long before this regulation came into being. Essentially, the RTBF acts as a set of rights given to the consumer regarding how their personal data is being held by an organization (“controller”). Consumers can ask controllers for their data to be …

Complete Guide to leveraging Session Recording to Improve Accountability and Meet PCI Compliance

You’ve set up policies. You’ve trained your team. You’ve vetted third parties. But even the most proactive privilege security strategy can’t account for every situation and every type of risky behavior. Today many Thycotic customers rely on session recording and monitoring capabilities for added peace of mind. If any privileged user adds a backdoor account or makes an unauthorized configuration …

Compliance Does NOT Equal Security: Here’s Why

We talk a lot about compliance when we speak to prospects looking to improve their data security. It’s an important part of security in terms of setting some standards, processes, practices and technologies for data security. However, most compliance regulations are either too basic or too pigeon-holed to fully address data security concerns, especially in today’s evolving threat landscape. Being …