It’s been quite an interesting few weeks in the land of data breach disclosures. We started with Under Armour disclosing a breach in their MyFitnessPal application that impacted 150 million users. A few days later, Lord & Taylor and Saks Fifth Avenue disclosed a breach impacting millions of their in-store shoppers. Later the same day, […]
The newly ratified Singapore Cybersecurity Bill is Singapore’s answer to securing critical information infrastructure (CII) providers, minimizing threats from malicious actors. But now that the bill has been signed into law, analysts and practitioners alike are raising concerns about the high costs and logistic challenges of enforcing it. CII providers are defined as the owners […]
Securing the Internet of Things (IoT) seems like an endless reality version of “Mission Impossible”—really impossible. Many have tried—with lists of best practices and standards, exhortations, and warnings—but none has succeeded. Still, the U.K. government, in a policy paper titled Secure by Design released earlier this month, says it is also going to try, with a 13-point […]
By now, you’re probably aware that the General Data Protection Regulation (GDPR) is coming. Taking effect on May 25, 2018, GDPR aims to unify the European Union (EU) on common data protection practices. Bringing more control and higher standards, this regulation will affect how firms gather, store, and use data pertaining to EU residents. Let’s […]
Posted in Security Standards and Compliance | Comments Off on The 7 elements of GDPR software security compliance
Trying to secure the Internet of Things (IoT) makes herding cats look like a breeze. The IoT is rapidly becoming the Internet of Everything—billions of devices with an almost endless variety of designs and purposes, embedded in vehicles, homes, factories, critical infrastructure, health, fitness, finance, and more. And for the large majority of those devices, […]
What is GDPR? In January 2012, the European Commission (EC) in Brussels proposed a reform of the European Union’s (EU’s) 1995 data protection rules to “make Europe fit for the digital age.” New technologies and globalization have had a profound impact on how information is collected, accessed, and used. Furthermore, the 27 EU member states […]
If your organization competes in the global market, expect GDPR to have a critical influence on the software that powers your business. Having a disciplined software security strategy will help you not only identify, remediate, and prevent vulnerabilities in your software but also avoid violating GDPR. Listen as experts Adam Brown of Synopsys and legal […]
Posted in Security Standards and Compliance | Comments Off on Webinar: What will GDPR requirements mean for your security initiative?
When the General Data Protection Regulation (GDPR) takes effect, it will replace the Data Protection Directive (DPD), also known as Directive 95/46/EC, of 1995. Adopted April 27, 2016, the GDPR will become enforceable May 25, 2018. The following is a detailed explanation of the differences between the DPD and the GDPR, as well as new […]
Posted in Security Standards and Compliance | Comments Off on The Data Protection Directive versus the GDPR: Understanding key changes
From the moon to autonomous driving: There is a general awareness that software complexity has been growing immensely over time. Starting a few decades ago with special-purpose tasks, such as calculating equations to send a man to the moon, we are now at a stage where our world and much of our lives depend intrinsically […]
Now that a new year is upon us, we must remember that this is the year the General Data Protection Regulation (GDPR) supersedes Directive 95/36/EC. The new regulation will take effect May 25, 2018. In other words, this is the date by which organizations must be compliant. Primary obligations under GDPR: GDPR applies to the […]
Posted in Security Standards and Compliance | Comments Off on What does GDPR enforcement mean for your business?