The Covid-19 coronavirus pandemic has highlighted fundamental gaps and failings in organisational attitudes to cyber security, with the result that security projects are receiving increased attention and budget across the board, according to the latest, updated edition of the TechTarget/Computer Weekly IT Priorities 2020 survey.

At the beginning of 2020, risk management and compliance were seen as the top spending priorities for CISOs, and while this remains a key area of focus, much has changed.

According to the new data, which was compiled in September and October 2020, with two exceptions, the most widespread IT projects all related to security and data protection, with end-user security training, governance, risk and compliance tools, and multifactor authentication the top current projects.

CIOs are also focusing heavily on vulnerability management, fraud detection systems and tools, identity and access management (IAM), and disaster recovery.

A total of 77% of respondents said investment in security and risk management was easier to justify since the pandemic began – while 71% said the same of backup and disaster recovery solutions – and the data clearly shows…

Read More…

The COVID-19 pandemic is taking a heavy toll on people’s health, lives, and societies. Lots of us have felt worried about the coronavirus pandemic, and everyone will feel differently about the changes to lockdown restrictions. If you have lost a job as a result of COVID-19 we would like to offer you free full access… Continue reading Free access to RAW2020 to anyone who lost a job due to COVID-19

Free access to RAW2020 to anyone who lost a job due to COVID-19

The COVID-19 pandemic is taking a heavy toll on people’s health, lives, and societies. Lots of us have felt worried about the coronavirus pandemic, and everyone will feel differently about the chang

Присоеденяйтесь к официальной группе ИСАР в Facebook

Privacy management company DataGrail analyzed how many CCPA data subject requests went across its platform in the first half of 2020 and found that organizations should expect to process hundreds of CCPA data subject requests (DSRs), with do-not-sell requests being the most popular requests from consumers.

Highlights from the report include:

• Do-not-sell (DNS) requests are the most common type of DSR by 2x
• One-third of every DSR will go unverified, confirming the need for a robust and scalable verification method
• 40 percent of access requests were NOT verified, validating concerns that fraudulent requests could be made to steal data
• In 2020, companies manually processing DSRs should expect to pay $240,000 per one million records to fulfill requests
• B2C companies should prepare to process approximately 170 total DSRs per one million consumer records each year

Download the report below to read the full findings.

Подробнее…

IndustryGrowthInsights (IGI), a prominent market research firm in its own industry, has published a detailed report on Global Privacy Management Tools Market. This market research report provides comprehensive and in-depth analysis on the market which can possibly help an enterprise to identify lucrative opportunities and assist them with fabricating creative business strategies. The market report provides information about the current market scenario regarding the global supply and demand, key market trends and opportunities in the market, and challenges and threats faced by the industry players.

The Privacy Management Tools market report talks about the competitive scenario among the industry players and imparts aspiring and emerging industry players with the future market insights in a detailed manner. This market report includes crucial data and figures which are structured out in a concise yet understandable manner. The research report covers the updates on the government regulations and policies which illustrates key opportunities and challenges of the market. IndustryGrowthInsights (IGI) has been monitoring the market since few years and collaborated with eminent…

Read More…

by Optiv • Jul 24, 2020

It is safe to say that 2020 has not progressed as planned for nearly everyone. However, some things have proceeded as scheduled. As of July 1, 2020, the California Consumer Privacy Act (CCPA) is officially in place.

No doubt, you have seen the news articles and alerts about this new regulation. Some minor details still need to be pushed through, most notably the approval of the final regulation by the Office of Administrative Law (OAL). While this has caused some confusion, based on a June 2 press release, the California attorney general is committed to enforcing the CCPA if violations are not resolved within 30 days after AG-provided notice of alleged non-compliance.

Let’s dissect the reasons this is a significant regulation and provide an overview of key steps that organizations should be taking before enforcement begins.

Personally Identifiable Information Protection (PII)

The fact is that most organizations are terrible at protecting PII. This has become exacerbated when you look at how technology has exponentially increased data touchpoints (where, when and how quickly) and the types of data an organization can collect. PII is valuable…

Read More…

Which data privacy laws apply to your organization? How can you prepare for e-discovery and information requests? In this guide, Aparavi outlines a best-practices approach to data privacy and compliance.

Download your free copy below.

Подробнее…

The Company is committed to making risk-informed decision by identifying, analyzing’ prioritizing’ and mitigating the risks that may have an impact on the Company achieving its mandate, strategic goals, operational objectives, projects and day-to-day activities. For Company to effectively fulfills its risk management commitment, the following principles should be adhered to:

• Integrated – Risk management is an integral part of all Company Name
• Structured and comprehensive – A structured and comprehensive approach to risk management contributes to consistent and comparable results.
• Customized – The risk management framework and processes are customized and proportionate to the Company Name external and internal context related to its objectives.
• Inclusive – Appropriate and timely involvement of stakeholders enables their knowledge, views and perceptions to be considered. This results in improved awareness and informed risk management.
• Dynamic – Risks can emerge, change or disappear as a Company Name external and internal context changes. Risk management anticipates, detects, acknowledges and responds to those changes and events in an appropriate and timely manner.
• Best available information – The inputs to risk management are based on historical and current information, as well as on future expectations. Risk management explicitly takes into account any limitations and uncertainties associated with such information and expectations. Information should be timely, clear and available to relevant stakeholders.
• Human and cultural factors – Human behavior and culture significantly influence all aspects of risk management at each level and stage.
• Continual improvement – Risk management is continually improved through learning and experience.