compliance
-
Blog
How the IT channel can help on the route to cybersecurity regulatory compliance
To combat the increasing frequency and sophistication of cyber attacks, resulting in untold damage to business continuity and to the economy, we have seen a growing number of regulations aiming to raise cybersecurity standards. The most significant of these regulations are the Network and Information Security 2 Directive (NIS2), the Digital Operational Resilience Act (DORA), and the Cyber Resilience Act…
Read More » -
Blog
Salesforce Drops DEI Commitments, Reframes Equality as Legal Compliance
Image: Creative Commons Salesforce has effectively eliminated diversity hiring targets. The company removed specific hiring goals, including ones to increase the representation of women and minority groups, and the term “diversity” from its latest annual report, filed Wednesday. The move comes on the heels of a series of executive orders from President Donald Trump calling for the removal of diversity,…
Read More » -
Blog
36 US schools report data breaches following ransomware attack on Carruth Compliance Consulting
Ransomware gang Skira today claimed responsibility for a December 2024 data breach at Carruth Compliance Consulting. The breach led to at least three dozen school districts and colleges across the US–Carruth’s clients–reporting data breaches that compromised the personal data of more than 110,000 school employees. Carruth administers the retirement savings plans for these school districts. It started notifying victims of…
Read More » -
Blog
Compliance in Multi-Cloud Environments Guide
Organizations are increasingly adopting multi-cloud environments, where they use services from multiple cloud providers to meet their diverse business needs. Multi-cloud strategies offer many benefits, such as improved reliability, flexibility, and reduced vendor lock-in. They also introduce significant challenges when it comes to compliance. Maintaining compliance in a decentralized, multi-cloud environment requires businesses to navigate complex regulatory requirements, varied cloud…
Read More » -
Blog
Cybersecurity Automation & Compliance Strategies
Cybersecurity has become a critical priority for organizations of all sizes and industries, with cyberattacks evolving in sophistication and scale. From phishing attacks to ransomware, data breaches to denial-of-service (DoS) attacks, the frequency, and variety of cybersecurity threats are at an all-time high. In this environment, manual intervention and traditional security practices can no longer keep up with the dynamic…
Read More » -
Blog
Automated Compliance Reporting: Key Tools & Benefits
Compliance with industry standards and legal requirements is crucial for any organization. From finance to healthcare to retail, businesses must adhere to a wide array of regulations designed to protect data, ensure security, and promote fairness in business practices. Compliance is no longer a one-time task but an ongoing responsibility, which often requires frequent audits, documentation, and updates to ensure…
Read More » -
Blog
What Is GRC? Understanding Governance, Risk, and Compliance
Governance, risk, and compliance, often called GRC, is a blanket term that describes the strategies and technologies used to manage an organization’s compliance with regulatory mandates and corporate governance standards. The concept of GRC can be traced back to 2003, but the topic was first extensively discussed in a peer-reviewed paper by Scott L. Mitchell, published in the International Journal…
Read More » -
Blog
EU pulls back – for the moment – on privacy and genAI liability compliance regulations – Computerworld
The critical factor is that another, much larger piece of legislation, called simply the EU AI Act, is just about to kick in, and regulators wanted to see how that enforcement went before expanding it. “They want to see how these other pieces of the framework are going to work. There are a lot of moving parts so (delaying) is…
Read More » -
Blog
21% of CISOs Have Been Pressured Not to Report a Compliance Issue
Over a fifth of CISOs have been pressured not to report a compliance issue, according to new research. As they take on greater responsibility in the boardroom, they also face increasing accountability for security incidents, making them more vulnerable to executive pressure when compliance risks arise. The report, published by data management platform Splunk, also found that 59% of CISOs…
Read More » -
Blog
Governance, risk, and compliance is a major growth opportunity, but how will the market develop?
The multi-billion governance, risk, and compliance (GRC) market is being driven by an increasingly complex regulatory environment, including GDPR, NIS2, and the Digital Operational Resilience Act (DORA) frameworks, among others. At the same time, the growing integration of AI and automation technologies into GRC solutions is fueling adoption, as businesses see the benefits of applying digital transformation across their GRC…
Read More »