Articles about compliance

Among governance, risk, and compliance (GRC) professionals responding to a new survey, 69 percent say that deploying a GRC platform that doesn't need developer support would improve their role.

The study from Onspring finds that a worrying 73 percent of respondents still needed a developer to update and administer their GRC programs, indicating a clear need for technologies that don't require developer input.

Continue reading →

A new survey from Delinea of over 2,000 IT security decision makers (ITSDMs) reveals that only 39 percent of respondents think their company's leadership has a sound understanding of cybersecurity's role as a business enabler.

In addition, over a third (36 percent) believe that it is considered important only in terms of compliance and regulatory demands, while 17 percent say it isn't seen as a business priority.

Continue reading →

Enterprise browser specialist Talon Cyber Security has announced that it has integrated its secure enterprise browser with the Microsoft Azure OpenAI Service to provide enterprise-grade ChatGPT access to customers.

This allows organizations to maintain data protection, keeping data put into ChatGPT within their perimeter and preventing it from transferring to third-party services. When using ChatGPT in Azure OpenAI Service, the organization uses its own Azure resources, so sensitive data is not delivered to other locations, improving data security and reducing risk.

Continue reading →

The financial technology (fintech) industry is a rapidly expanding web of innovation, but it is also becoming increasingly entangled by challenges posed by cybercriminals. These bad actors threaten both data security and regulatory compliance, which can result in heavy fines for noncompliance.

Such fines pose a significant risk for entrepreneurs seeking to quickly scale their operations, as they cannot afford to be bogged down by regulatory issues. Even established businesses find it challenging to navigate the complex layers of financial regulations, let alone startups.

Continue reading →

IT and security professionals spend an average of 4,300 hours annually achieving or maintaining compliance, according to a new study.

The survey, from automation platform Drata of 300 IT and security professionals in fast-growing organizations across the US, finds 87 percent of respondents have faced consequences as a result of not having continuous compliance, these include slowed sales cycles, security breaches, business interruption, loss of a business relationship, a damaged reputation, or fines.

Continue reading →

In the past decade, privacy-related legislation has developed considerably. The 'privacy industry' has gone through a metamorphosis not seen in many other disciplines. Now, as we reflect on the future post-pandemic, we must recognize that being able to quickly access and share accurate data is fundamental to everyone. 

When thinking about this, it’s important to remember that there’s a heavy overlap between business and personal aspects, an example of this is password managers. These will have both personal and work-related credentials saved to them, which can be hard to distinguish, and this is why corporate family use plans exist.

Continue reading →

According to a new report, 73 percent of business leaders think responsible technology use will become as important as business or financial considerations when making tech decisions.

The study from Thoughtworks is based on a survey of 550 senior executives from nine countries around the world. When asked about the tangible business benefits of adopting responsible technology, the top response was better customer acquisition/retention (47 percent).

Continue reading →

Cyber threats are on the rise across every industry and business size, highlighting the importance of maintaining network compliance for organizations and especially for IT and security teams.

But that's easier said than done, with many industry-specific compliance regulations like the Health Insurance Portability and Accountability Act (HIPAA) or the Payment Card Industry Data Security Standard (PCI) each with their own set of standards and processes.

Continue reading →

It has been estimated that there are some 43 zetabytes of data stored by enterprises today that are inaccessible and not commercialized due to privacy concerns, operational complexity and regulations.

With the California Consumer Privacy Act (CCPA) becoming fully operational on January 1 2023 and other legislation in place or coming around the world, the need for businesses to find new data accessibility methods that are compliance-friendly is very real.

Continue reading →

The change to hybrid work and increased adoption of cloud-based services has led to greater pressure on enterprises to get a grasp on their identity management.

Digital identity company ForgeRock is launching a new identity governance solution designed to address identity and compliance issues for large organizations.

Continue reading →

Why do people try to circumvent security controls -- for example to access an unapproved SaaS application or cloud service?

New research from Nudge Security suggests it may simply be down to poor user experience of the security process. "We now have evidence to suggest that improving the employee experience of security can actually lead to better security outcomes," says Russell Spitler, CEO and co-founder of Nudge Security.

Continue reading →

Two-thirds (66 percent) of security and compliance leaders are worried that their employees are using unmonitored communications channels, according to a new report.

The study from Theta Lake finds 67 percent of respondents expect the usage of collaboration tools and popular platforms like Microsoft Teams, Zoom, Webex, Slack and RingCentral to increase.

Continue reading →

Three quarters of C-suite executives responding to a new survey say that compliance challenges and security challenges limit their company's ability to innovate.

The study from software delivery platform CloudBees also shows executives overwhelmingly favor a shift left approach, a strategy of moving software testing and evaluation to earlier in the development lifecycle, placing the burden of compliance on development teams.

Continue reading →

Nowadays there are apps for almost everything. As users they clutter up our phones and tablets, but they present problems for businesses too, in particular the storing and analysis of the data they create.

Data is often tied to a specific app and each app needs its own copy, so enterprises can end up with lots of copies of the same information leading to issues with control, compliance and more.

Continue reading →

An increasing volume of regulations surrounding the security and privacy of data have been implemented in recent years. This represents a challenge for businesses that need to ensure they remain compliant.

The challenge has become even greater due to the pandemic and the consequent shift in working patterns. So how can enterprises ensure that they remain compliant and don't fall foul of the rules?

Continue reading →