Information security laws, investigations and ethics

Get news, advice and commentary on information security laws such as the CFAA, CAN-SPAM and CALEA. Learn about information security legislation, ethical vulnerability disclosure, digital surveillance laws and more.

New & Notable

Download this free guide

Instant Download: Building an Incident Response Action Plan

77% of organizations admit they don’t have a formal cybersecurity incident response plan (CSIRP) that is applied consistently across the organization, according to IBM. If you’re one of them, here’s everything you need to know about building an efficient incident response action plan.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Information security laws, investigations and ethics News

October 04, 2019 04 Oct'19
Risk & Repeat: Trump takes aim at DNC hack and CrowdStrike

This week's Risk & Repeat podcast looks at President Trump's recent comments about CrowdStrike and the DNC 'server' and the misinformation around Russian election interference.
October 03, 2019 03 Oct'19
Zendesk breach in 2016 affected 10,000 customers

Zendesk disclosed a previously undetected security incident from 2016 in which data for 10,000 customer accounts was accessed, but the disclosure is missing some key details.
October 01, 2019 01 Oct'19
Bulletproof host raided in former NATO bunker

German authorities arrested seven in raid of bulletproof hosting company CyberBunker -- which was housed in a former NATO bunker -- for allegedly hosting dark web marketplaces.
September 27, 2019 27 Sep'19
New York files lawsuit over Dunkin' breach response

The New York attorney general filed a lawsuit against Dunkin' Brands regarding attacks dating back to 2015 and alleges the company failed to respond or notify victims properly.

View All News

Information security laws, investigations and ethics Get Started

Bring yourself up to speed with our introductory content

cyberterrorism

According to the U.S. Federal Bureau of Investigation, cyberterrorism is any 'premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by ... Continue Reading
cybercrime

Cybercrime is any criminal activity that involves a computer, networked device or a network. Continue Reading
USA Patriot Act

The USA Patriot Act is a law enacted in 2001, granting new and extended data-collection abilities to federal agencies in an effort to combat terrorism after the September 11 attacks. Continue Reading

View All Get Started

Evaluate Information security laws, investigations and ethics Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Diversity at cybersecurity conferences is too important to ignore

Diversity at cybersecurity conferences became a hot topic in early 2018. Innovation Women founder Bobbie Carlton discusses why it takes more work to get women in security on stage. Continue Reading
Active Cyber Defense Certainty Act: Should we 'hack back'?

With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill. Continue Reading
Consumer expectations, GDPR complicate data privacy protection

Xerox CISO Alissa Johnson says U.S. companies will be forced to reconsider their information protection strategies as consumers' data privacy protection expectations evolve. Continue Reading

View All Evaluate

Manage Information security laws, investigations and ethics

Learn to apply best practices and optimize your operations.

Top tips for using the Kali Linux pen testing distribution

It's the best Linux distro for penetration testers' toolkits, but it's not just any Linux. Get tips on Kali Linux pen testing from project lead Jim O'Gorman. Continue Reading
Compliance rules usher in new era for personal data privacy policy

With the rollout of data privacy regulations, individual data rights and the right to be forgotten are forcing organizations to re-examine how they handle customer information. Continue Reading
CISO tackles banking cybersecurity and changing roles

Over the course of his career in security, Thomas Hill has held varied positions that inform his views on both technological specifics and strategic roles in modern corporations. Continue Reading

View All Manage

Problem Solve Information security laws, investigations and ethics Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Women in cybersecurity: How to make conferences more diverse

The lack of women speaking at security conferences might be representative of the low number of women in cybersecurity, but efforts are finally being made to close the gender gap. Continue Reading
When does the clock start for GDPR data breach notification?

As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before. Mimecast's Marc French explains what will change and how to cope. Continue Reading
What will GDPR data portability mean for enterprises?

Enforcement of the EU's Global Data Protection Regulation is coming soon. Mimecast's Marc French discusses the big questions about GDPR data portability for enterprises. Continue Reading

View All Problem Solve