Security News
DNAnexus announced that its biomedical informatics platform has achieved readiness and, in many areas, exceeds the full series of online security policy objectives outlined in President Biden's recent executive order aimed at protecting critical American infrastructure from cyberattacks. The measures outlined in the new national security memorandum, titled "Improving Cybersecurity for Critical Infrastructure Control Systems," are being coordinated by the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency and National Institute of Standards and Technology.
Code42 announced it has integrated the Code42 Incydr product with Rapid7 InsightIDR. Security teams using InsightIDR with the Code42 Incydr integration will have the ability to identify, prioritize and triage the most critical insider threat events - data leakage, theft or malicious attempts to conceal file exfiltration. Code42 Incydr is the first data source dedicated to insider threat events to be accessible to InsightIDR users.
Pathwire released the results of its Data Compliance Survey, a survey of 1,000 IT and marketing decision-makers across the globe on the most common data privacy and compliance trends and challenges. The majority of survey respondents were based in EMEA and North America, which indicates that almost all organizations represented in the study would fall, General Data Protection Regulation, CAN-SPAM Act and/or the California Consumer Protection Act.
Skyflow launched PII Data Privacy Vault, a zero trust data vault for securely handling sensitive customer information. The PII Data Privacy Vault includes the new Skyflow Data Governance Engine, which enables fine-grained access control to data based on roles, policies, or attributes.
As demands on the compliance function grow more intense, Chief Compliance Officers must proactively embrace new leadership responsibilities for their role and reposition how their function is thought of among stakeholders, according to Gartner. We sit down with Chris Audet, Senior Director at Gartner, to see what's next on the agenda for global compliance leaders.
Here is a quick guide into how healthcare providers can ensure HIPAA compliance when using the cloud. As cloud platforms that are working with healthcare providers are concerned with protected health information, each platform is considered a HIPAA business associate.
According to a recent poll by SentryBay, the infrastructure of over 21% of surveyed companies has failed key PCI compliance assessments, designed to assist them to maintain high security standards when processing customer card payments. A further 29.3% said that they had no confidence in their own company's compliance when it came to PCI DSS. Lack of confidence in the PCI standards.
Asurity announces David Roell has joined the company as Vice President, Compliance Products and Analytics at its subsidiary RiskExec. Prior to joining the Asurity organization, David served as Lead Data Scientist, HMDA Operations at the Consumer Financial Protection Bureau.
As demands on the compliance function grow more intense, Chief Compliance Officers must proactively embrace new leadership responsibilities for their role and reposition how their function is thought of among stakeholders, according to Gartner. These working models require CCOs to embrace new roles, and in some cases, assertively expand how their function is thought of by stakeholders and business leaders, including acting as a strategic business advisor and championing the use of analytics to better manage new layers of risk.
Despite the 49% of organizations in the report who said they are completing an initial risk assessment before granting access to third parties, these assessments are typically focused on the security controls the organization has in place or the organizational risk score. A third-party organization may pass a risk assessment and be in compliance one day, but an unexpected threat to business operations may push it out of compliance the next.