News

As an IT or Cyber Executive, what area is most important for me to focus my time and money?  If you haven’t had a maturity assessment lately, you may not know.  Sure, lots of things might help, but what is the most important gap to fill, to take your security program to the next level?  Getting clarity, focus, and a ...

In the rapidly evolving landscape of data privacy, staying abreast of new regulations is vital for businesses. The Colorado Privacy Act (CPA), a recent addition to this landscape, has significant implications for businesses, and it is now in effect as of July 1, 2023! Does this apply to your business? The CPA has specific criteria for applicability. It pertains to ...

Do you know what makes a quality penetration test? Important aspects to consider:

• Quality of the “report” or “deliverables” from the pen test!
• Clarity of ranking of findings (Critical, High, Med, etc.)
• Usefulness of the suggested remediation steps
• Accuracy of the scope
• Applicability to your compliance needs
• Speed of results (so you can secure it quickly)
• Expertise and experience ...
  
  Read More

Iowa is now the 6th U.S. State to pass a privacy law. Is your business ready for the Iowa Consumer Data Protection Act that goes into effect on January 1, 2025? If your business processes more than 100,000 Iowa individuals’ data, or derives 50% of revenue from selling 25,000 individuals’ data, then your business will be subject to this new ...

Is your business ready for the Colorado Privacy Act (CPA) that goes into effect on July 1, 2023? If your business processes more than 100,000 individual’s data, or derives revenue from selling 25,000 individual’s data, then your business will be subject to this new law. Nonprofits are included in this regulation as well. Your business will need to be able ...

Rocky Mountain Information Security Conference is back! It is back to its regularly scheduled time of year, in June. The call for papers is open and we are building out our 3-day agenda. Once again, Wed June 7 will be a full day of Privacy. While it is not formally called Privacy Day, it is still the same level of ...

With all of the bad actors using Facebook to lure citizens into false relationships, false advertising, deep fakes, and their numerous privacy violations, we have decided to drive more awareness around these issues with this post and by NOT participating in a historically insecure and privacy disrespecting environment. Facebook has seen a long list of privacy and security violations, to ...

On October 7, 2022, President Biden signed an Executive Order to implement a data privacy framework for data transfers between the European Union and the United States. The EU’s General Data Protection Regulation (GDPR) places restrictions on transfers of personal data to certain countries outside of the EU and the European Economic Area (EEA). The United States is considered to ...

Last year, Apple released a software update featuring advances to sustain its privacy leadership.  These new features help users control and monitor apps’ use of their data. Apple’s approach to protecting customers’ privacy by positioning customers into a more active role in protecting their own privacy appears to be popular with Apple’s customers. Still, it seems less popular with social ...

Earlier this summer, a draft was released of the American Data Privacy and Protection Act (ADPPA) that is making its way through the legislative process. Although any formally proposed legislation will likely vary in some respects, this draft of the ADPPA provides some insight into what can be expected from any upcoming final iterations of the legislation. The stated purpose ...