The latest compliance technology and best practices to help organizations meet data privacy and security requirements.
How to use this template: Comments intended to guide understanding and use of this patch management policy template will be enclosed in brackets “[…]” and the ‘company’ will be listed as [eSecurity Planet] throughout the document. When converting this template to a working policy, eliminate the bracketed sections and replace “[eSecurity Planet]” with “YourCompanyName.” This… Read more
In a case that ups the stakes for CSOs dealing with data breaches, former Uber chief security officer Joe Sullivan was found guilty by a federal jury earlier this week of obstructing justice and of misprision (concealing) of a felony in connection with his coverup of a 2016 breach. United States Attorney Stephanie M. Hinds… Read more
For years, the U.S. Securities and Exchange Commission (SEC) strongly advised public companies to improve their cybersecurity. However, after minimal corporate adoption of stronger cybersecurity, the SEC has drafted rules to require more formal cybersecurity reporting and disclosure. This requirement copies the strategies of previous legislation that dramatically improved financial reporting for both public and… Read more
An IT security certification can provide a key boost for your career, but with so many different certifications available (and so many organizations more than happy to take your money for training and testing), it’s important to make sure that the time and investment are well spent. The right certification can serve as a key… Read more
Encryption and the development of cryptography have been a cornerstone of IT security for decades and remain critical for data protection against evolving threats. While cryptology is thousands of years old, modern cryptography took off in the 1970s with the help of the Diffie-Hellman-Merkle and RSA encryption algorithms. As networks evolved and organizations adopted internet… Read more
The COVID-19 pandemic has driven a massive increase in e-commerce spending, doubling to an expected $1 trillion this year, according to Adobe. But that spending surge has brought with it a corresponding rise in payment security challenges. eSecurity Planet sat down with Dustin White, chief risk data officer at Visa, to discuss some of the… Read more
In an age of strong data privacy laws like GDPR and CCPA, data loss prevention (DLP) technology is becoming a critically important IT security tool. Every organization has data, and some of that data is more sensitive than others. Sensitive data can include personally identifiable information (PII) that can impact user privacy. Sensitive data also includes payment and financial information that… Read more
Users may believe that when they delete a file on their hard drive, the document no longer exists. However, IT professionals understand that the data itself may remain. Yet even experienced IT professionals may not understand the differences between different types of hard drive file erasure, data overwrite standards, or when those methods might fail… Read more
How can a hospital protect an MRI machine with an unchangeable password and still connect it to the network? How can an industrial recycler safely secure its $400,000 hard drive recertification rack with control software that only runs on Windows XP? These are not uncommon risks. The devices themselves can’t be secured, but that doesn’t… Read more
Compliance issues can be tricky, especially when there are so many data privacy laws. Find out how to comply with GDPR, PIPL, and CCPA. Read more