External hackers and insider threats. Customer expectations and government mandates.
Data protection is a complex challenge, and it demands attention at every level of an organization. PKWARE's in-house experts are here to help you stay up to date on best practices, emerging trends, and new resources for enterprise data security.
Faced with staffing shortages, skill gaps, and evolving cyber threats, security professionals around the world are beginning to recognize that automation is the future of information security. There’s simply no way that security managers—or end users—can be expected to evaluate every risk and apply appropriate protection to the constantly-multiplying volumes of data they handle.
Back when they were new on the scene, HIPAA's privacy and security rules didn't get much respect. Beginning with the privacy rule's introduction in 2003, the Office of Civil Rights received thousands of complaints and investigated thousands of infractions each year, but took little or no corrective action. In fact, the OCR didn't issue a single fine for a HIPAA privacy or security rule violation between 2003 and 2008.
It's easy to understand how HIPAA got a reputation as a toothless mandate, but things have changed over the last ten years. If anyone needed a reminder of the fact, the OCR delivered one this week with its $16 million fine for the Anthem data breach. The penalty is nearly triple the previous record for a HIPAA fine, and sends a clear message that organizations can expect to pay a heavy toll for neglecting their data protection obligations.
We're now three quarters of the way through New York's two-year-long implementation of its cybersecurity law for financial services companies.
The first law of its kind in the US, NYCRR 500 sets best-practice cybersecurity requirements for all banks, mortgage companies, insurance companies, and other organizations that do business in New York. The requirements are being phased in between March 1, 2017 (when the law first took effect) and March 1, 2019.
A few years from now, stories like this may not even qualify as news. That's how quickly cybersecurity laws—nearly unheard of until recently—are becoming the norm.
For now, though, each new law is worth noting, and the Colorado Protections for Consumer Data Privacy law, which took effect on September 1, is the latest law to hit the books in the US.
Whether they've stayed ahead of the compliance curve since the law was first announced, or have kept their heads in the sand and made no preparations at all, organizations around the world are all wondering the same thing:
What happens next?
PKWARE is proud to announce that CRN, a brand of The Channel Company, has named Jen Ferguson, Director of Partner Marketing, to its prestigious 2018 Women of the Channel list. The executives on this annual list span the IT channel, representing vendors, distributors, solution providers and other organizations that figure prominently in the channel ecosystem.
It was great to see everyone at this year’s RSA conference! The year’s biggest industry event is an ideal opportunity to gain insight into the trends and developments that are shaping the future of cybersecurity. Here’s a quick rundown of the recurring themes we heard in our conversations with information security professionals from around the world.
One month from today, Europe’s General Data Protection Regulation will take effect, and the security strategies prepared by organizations around the world will be put to the test.
The GDPR presents a complex challenge, creating new rules for corporations and new rights for the individuals whose data those corporations collect and process. The more data an organization has, the more difficult it will be to meet that challenge.