News

On an early April morning in 1953, Union Pacific 4005, known as “The Big Boy”, was hauling sixty-two cars westbound at nearly 70 miles per hour along the tracks in southern Wyoming. Weighing in at a whopping 1,200,000 pounds, Big Boy was the biggest steam locomotive ever built. At about 9:55 AM, the massive locomotive barreled toward Red Desert where ...

As businesses are being impacted by the European Union’s (EU) enactment of the General Data Protection Regulation (GDPR), many are asking themselves questions around the ownership of their privacy program. Do I need a Data Protection Officer (DPO)? Can I get by assigning this to my CISO, Director of Compliance, or my General Council? The GDPR requirements for a DPO, ...

Do you understand how to measure your security and compliance program? - if not, check out this webinar with our own Janelle Hsia, Director of Privacy and Compliance.  Learn how good metrics can build the story you bring to management to help ensure your data stays protected and secure. Click here for the Webinar hosted on Surveygizmo ...

As the deadline for GDPR, May 25, 2018, nears, many companies are still struggling with their implementation and some are complete. This MeetUp brings together privacy practitioners, GRC leads, and others interested in and leading their GDPR transformations. The goal of this group is to discuss and share learnings, emerging best practices, technical solutions, and keep up to date on ...

#AmericanCSM   #privacy   #GDPR   #gap analysis #competitive advantage GDPR is about responsible data practices not just ensuring you can check the right boxes. With about four months before the May deadline, a lot of companies are seriously behind with their GDPR implementation. So instead of worrying about it, what steps can you take today that will move your company forward? It ...

As the deadline for GDPR, May 25, 2018, nears, many companies are still struggling with their implementation and some are complete. American Cyber Security Management would like to bring together privacy practitioners, GRC leads, and others interested in and leading their GDPR transformations. The goal of this group is to discuss and share learnings, emerging best practices, technical solutions, and ...

#AmericanCSM #Risk  #Assessment When it comes to risk assessments, there isn’t a one size fits all kind of questionnaire template. You need to figure out what is important to your organization, your organization's approach to governance, and the organization’s risk tolerance. There are lots of guides and thousands of canned questions to choose from, but it really depends on having ...

Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure computing environment, has released their take on the European General Data Protection Regulations (GDPR) which take effect May 2018. In addition to releasing the CSA Code of Conduct for GDPR Compliance they also have launched the CSA GDPR ...

Who was breached today? This is the common question. Days are gone where we wonder if a business was breached or if our data was stolen from a public system. But what happens after May 25th, 2018 when GDPR is in full effect? With the European Union’s (EU) enactment of the General Data Protection Regulation (GDPR), if breached systems contain ...

Defining the Baseline for Application Developers’ Security Knowledge The blog posts that I’ve published over the past few weeks have explored the security skills gap and the training, resources, and processes required to address application security. In today’s article, let’s take a swing at defining the knowledge and skills our development staff needs in order to produce secure application software ...