Governance Archives

2020 News in Review

January 4, 2021
Tim Crino
Africa, Artificial Intelligence, Banks, Biometric, Brazil, Breach prevention, Breach response, Business Continuity, C-Suite, Canada, CCPA, CISO, CMMC, CNIL, Compliance, Consumer Privacy, COVID-19, Cyber Fraud, Cybercrime, Cybersecurity, Data Mapping and Inventory, Data Privacy, Data Protection, Data Rights Management (DRM), data trusts, differential privacy, DPO, Dubai, European Union, Federal Reserve, Federated Learning, Financial Services, GDPR, GLBA, Governance, Government Contracting, Hiring, Hybrid, International Agreements, Investigations, Japan, Machine Learning, New York State, NIST, Penalties and Enforcement, Phishing, Privacy, Privacy Shield, Project Management, Resilience, State Laws, Third Party Compliance, United Kingdom, US Regulatory, Work from Home

Week Ending December 28 ICO Warns SolarWinds Victims to Report Breaches The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…

To access this post, you must purchase Student, Government or Professional.

2021 Forecast for Data Privacy Legislation

December 22, 2020
Max Totsky
CISO, Compliance, Consumer Privacy, COVID-19, Cybersecurity, Data Privacy, Data Protection, GDPR, Governance, International Agreements, Op-Ed, Privacy Shield
0 Comments

2020 was a massive year for data privacy. New laws became effective all around the world and, in turn, organizations were forced to amp up their data privacy measures to comply. Data privacy regulations are only getting stricter, and that…

CANADA PROPOSED NEW DATA PRIVACY LEGISLATION

Canada Proposes New Data Privacy Legislation

November 25, 2020
Max Totsky
Canada, Data Privacy, Data Protection, Governance, Privacy

It’s been a busy year for privacy legislation. California voted to expand the scope of personal information, the EU put limits on data transfers to the United States, and Brazil unveiled a law that, among other things, calls for companies to hire a Data Protection Officer. Since 2000, data privacy in Canada’s private sector has…

To access this post, you must purchase Student, Government or Professional.

Why Your Organization Needs a Compliance Framework

With every new piece of data privacy legislation, more and more companies are scrambling to prioritize their customers’ privacy. That means making sure the entire organization is on the same page when it comes to cybersecurity. One way to do that is by implementing a compliance framework–a standardized set of best practices that help an organization…

To access this post, you must purchase Student, Government or Professional.

The Role of a Data Protection Officer

September 22, 2020
Max Totsky
Data Protection, DPO, GDPR, Governance, Hiring

Privacy regulations such as the EU’s General Data Protection Regulation (GDPR) and, more recently, Dubai’s Data Processing Law (DPL 2020) make it mandatory for organizations to appoint a Data Protection Officer (DPO). Under GDPR, a DPO is required for any organization that consistently monitors EU-based data subjects on a large scale. This might exclude smaller…

To access this post, you must purchase Student, Government or Professional.

Building a Governance Department: A Guide

August 18, 2020
Max Totsky
Data Mapping and Inventory, Data Privacy, Governance, Hiring

Editor’s Note: This is the second article in a series geared toward small and medium-sized enterprises that are building dedicated governance teams to deal with emerging data privacy laws like GDPR and CCPA. For the many organizations that have begun to grapple with the reality of data privacy laws–the challenge of compliance can seem insurmountable.…

To access this post, you must purchase Student, Government or Professional.

Breaking Down the EasyJet Hack

June 9, 2020
Max Totsky
Breach prevention, Breach response, Data Protection, GDPR, Governance

Earlier this month, European budget airline EasyJet was hacked. In a “highly sophisticated attack,” 9 million customers had personal information, including email addresses and travel itineraries, compromised. And 2,208 customers had their credit card information stolen. The attack has left many customers “in limbo”, with many questioning how a company that claimed to comply with…

To access this post, you must purchase Student, Government or Professional.

How to Build a RACI Matrix

June 8, 2020
Max Totsky
Governance, Members Only, Project Management, RACI

Every member of an institution–from board member to secretary–is responsible for playing a part in data privacy and cybersecurity. The caveat to this rule is that no two roles should have the same level of responsibility, and institutions which fail to properly assign duties risk inefficiencies at best, and compliance-related fines at worst. There are…

To access this post, you must purchase Student, Government or Professional.

Advisory Board Member Jody Westby: Coronavirus Response Requires D&O Review

Editors Note: This article was written by Advisory Board Member, Jody Westby, for LeadersEdge, the content platform of The Council of Insurance Agents & Brokers. As most organizations and governments closed their offices and ordered employees to work from home…

Cybersecurity: Executives Throughout the Organization Must Be Involved

February 18, 2020
Carlos Solari
Compliance, Cybersecurity, Governance, Resilience
0 Comments

We live in a world where cybersecurity breaches have become everyday occurrences. The headlines generally describe the same scenario, played out again and again. Bad actors find a backdoor, companies and government agencies are blindsided, consumer data is compromised. The…