Security News

Five best practices for achieving and maintaining SOC 2 compliance
2020-04-24 05:30

SOC 2 compliance is evaluated by independent third-party auditors who assess a company's ability to comply with these core principles. SOC 2 was developed by the American Institute of CPAs and designed specifically for service providers that store customer data in the cloud, meaning virtually every SaaS company operating today should consider achieving SOC 2 compliance.

Neustar launches services aimed at fulfilling stringent CCPA compliance standards
2020-04-17 01:45

The Neustar Identity Verification for CCPA and Neustar Identity Resolution for CCPA services enable organizations to fulfill CCPA requests with assurance of risk mitigation in terms of data breaches or fraud as well as non-compliance. While the act provides certain benefits and protections for consumers, it does introduce some risk: fraudsters may make CCPA requests in an effort to acquire sensitive personal information, and organizations with siloed consumer data may unwittingly find themselves out of compliance - and subject to fines - in cases of unmerged or outdated records.

Workiva launches W for ESEF to help European companies simplify compliance
2020-04-09 02:30

Workiva, provider of the world's leading connected reporting and compliance platform, launched W for ESEF, a focused solution to help European companies simplify compliance with the European Securities and Markets Authority requirements for European Single Electronic Format reporting. W for ESEF - which is available in 23 European languages - offers a distinct subset of functionality for companies that want a targeted ESEF solution.

Encryption is finally being used primarily to protect personal data rather than just for compliance
2020-04-08 04:00

Traditionally compliance with regulations was the top driver for deploying encryption, but has dropped in priority since 2017, indicating that encryption is transitioning from a requirement to a proactive choice to safeguard critical information. With the proliferation of data from digital initiatives, cloud use, mobility, IoT devices and the advent of 5G networks, data discovery continues to be the biggest challenge in planning and executing a data encryption strategy, with 67% of respondents citing this as their top concern.

Pan-European group plans cross-border contact-tracing app – and promises GDPR compliance
2020-04-06 00:24

A European consortium based in Switzerland plans to this week launch an opt-in location-detecting app to expedite contact-tracing those who have encountered coronavirus carriers. The new group, named Pan-European Privacy-Preserving Proximity Tracing, promises a GDPR-compliant app that sounds a lot like Singapore's TraceTogether service, but also offers considerable detail on how the service is designed to preserve privacy.

Morpheus enables continuous delivery and compliance with updates for K8s, VMware, Terraform
2020-04-02 00:00

Building on a record-setting 2019, Morpheus has released v4.2 of its multi-cloud management platform focused on enabling continuous delivery for customers leveraging Kubernetes, VMware, and Terraform. With v4.2, Morpheus has added support for brownfield Kubernetes clusters in addition to CNCF Certified Morpheus Kubernetes Service and integration with EKS and AKS. Additionally, the Morpheus Kubernetes Service has been CNCF certified up to version 1.17.

Nemko Group acquires System Sikkerhet to offer comprehensive compliance solutions
2020-03-23 00:00

Nemko Group announced the acquisition of System Sikkerhet, a leading provider of assessment and consultancy services within the fields of information technology and cybersecurity. By acquiring a well-respected security certification solutions provider, Nemko will continue to fulfill the growing need for prompt and cost-effective solutions.

Security Compass adds content to SD Elements, enables companies to meet CCPA compliance
2020-03-19 04:00

Security Compass, a software security company that provides organizations with technology to balance secure software development with speed of software delivery, announced that it has added content to SD Elements that enables organizations operating in California to maintain or achieve compliance under the California Consumer Privacy Act. Security Compass customers have immediate access to new content within the SD Elements platform, which was built for automating balanced development.

Automate manual security, risk, and compliance processes in software development
2020-03-09 04:30

In this podcast recorded at RSA Conference 2020, we're joined by Ehsan Foroughi, Vice President of Products from Security Compass, an application security expert with 13+ years of management and technical experience in security research. Most companies know that they need proactive security like threat modeling, risk assessments, security training.

More than 40% of privacy compliance technology will rely on AI by 2023
2020-02-28 04:30

Over 40% of privacy compliance technology will rely on artificial intelligence by 2023, up from 5% today, according to Gartner. AI-powered privacy technology lessens compliance headaches.