News

Do you know what makes a quality penetration test? Important aspects to consider:

• Quality of the “report” or “deliverables” from the pen test!
• Clarity of ranking of findings (Critical, High, Med, etc.)
• Usefulness of the suggested remediation steps
• Accuracy of the scope
• Applicability to your compliance needs
• Speed of results (so you can secure it quickly)
• Expertise and experience ...
  
  Read More

Iowa is now the 6th U.S. State to pass a privacy law. Is your business ready for the Iowa Consumer Data Protection Act that goes into effect on January 1, 2025? If your business processes more than 100,000 Iowa individuals’ data, or derives 50% of revenue from selling 25,000 individuals’ data, then your business will be subject to this new ...

Is your business ready for the Colorado Privacy Act (CPA) that goes into effect on July 1, 2023? If your business processes more than 100,000 individual’s data, or derives revenue from selling 25,000 individual’s data, then your business will be subject to this new law. Nonprofits are included in this regulation as well. Your business will need to be able ...

Rocky Mountain Information Security Conference is back! It is back to its regularly scheduled time of year, in June. The call for papers is open and we are building out our 3-day agenda. Once again, Wed June 7 will be a full day of Privacy. While it is not formally called Privacy Day, it is still the same level of ...

With all of the bad actors using Facebook to lure citizens into false relationships, false advertising, deep fakes, and their numerous privacy violations, we have decided to drive more awareness around these issues with this post and by NOT participating in a historically insecure and privacy disrespecting environment. Facebook has seen a long list of privacy and security violations, to ...

On October 7, 2022, President Biden signed an Executive Order to implement a data privacy framework for data transfers between the European Union and the United States. The EU’s General Data Protection Regulation (GDPR) places restrictions on transfers of personal data to certain countries outside of the EU and the European Economic Area (EEA). The United States is considered to ...

Last year, Apple released a software update featuring advances to sustain its privacy leadership.  These new features help users control and monitor apps’ use of their data. Apple’s approach to protecting customers’ privacy by positioning customers into a more active role in protecting their own privacy appears to be popular with Apple’s customers. Still, it seems less popular with social ...

Earlier this summer, a draft was released of the American Data Privacy and Protection Act (ADPPA) that is making its way through the legislative process. Although any formally proposed legislation will likely vary in some respects, this draft of the ADPPA provides some insight into what can be expected from any upcoming final iterations of the legislation. The stated purpose ...

AmericanCSM.com (ACSM) is proud to announce that Carlin Dornbusch will present at the Cloud Security Alliance (CSA) Denver Fall Summit ‘22. The CSA Fall Summit is an annual event held this year at The Tivoli Center (900 Auraria Pkwy 900 Auraria Parkway Denver, CO 80204) on October 18, 2022. This all-day event brings together Colorado’s best cloud security experts to ...

AmericanCSM.com (ACSM) and Schellman are coming together to discuss the value of ISO-27001 Certification. ACSM’s CEO, Carlin Dornbusch (https://www.linkedin.com/in/carlindornbusch/ ), and ACSM’s VP, Paul Herbka (https://www.linkedin.com/in/pherbka/ ), talk with Schellman’s ISO Practice Director, Danny Manimbo (https://www.linkedin.com/in/danny-manimbo-2b199718/), on September 15th, 1:00 pm ET, about the value of businesses becoming ISO-27001 certified. If you are interested in learning more about ISO-27001 certification ...