Information security laws, investigations and ethics
Get news, advice and commentary on information security laws such as the CFAA, CAN-SPAM and CALEA. Learn about information security legislation, ethical vulnerability disclosure, digital surveillance laws and more.
New & Notable
Information security laws, investigations and ethics News
-
March 18, 2021
18
Mar'21
FBI IC3 report's ransomware numbers are low, experts say
The FBI's Internet Crime Complaint Center reported a massive increase in financial losses from 2020 ransomware attacks, but infosec experts say the problem is worse than statistics say.
-
February 26, 2021
26
Feb'21
Risk & Repeat: Inside the SolarWinds Senate hearing
This week's Senate Intelligence Committee hearing on SolarWinds tackled the attribution case against Russian state-sponsored hackers, as well as questions for AWS.
-
February 17, 2021
17
Feb'21
DOJ indicts additional WannaCry conspirators
The unsealed indictments accuse three individuals of being part of a hacking group, known as APT38 or Lazarus Group, within a North Korean military intelligence agency.
-
February 17, 2021
17
Feb'21
Risk & Repeat: SolarWinds and the hacking back debate
This week's Risk & Repeat podcast looks at a recent '60 Minutes' episode that discussed the possibility of the U.S. government hacking back in response to the SolarWinds attacks.
Information security laws, investigations and ethics Get Started
Bring yourself up to speed with our introductory content
-
Best practices for reporting ransomware attacks
As ransomware continues to surge, companies are faced with decisions to report the attacks, pay the ransom or both. Experts weigh in on the options and best choices. Continue Reading
-
cybercrime
Cybercrime is any criminal activity that involves a computer, networked device or a network. Continue Reading
-
Best practices for ethically teaching cybersecurity skills
Jonathan Meyers has recommendations that teachers and students can use to enhance their teaching and learning of cybersecurity skills to remain relevant in this fast-paced industry. Continue Reading
Evaluate Information security laws, investigations and ethics Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
CMMC requirements set to ripple throughout DOD supply chain
The Department of Defense's CMMC requirements target defense contractors, but organizations throughout the DOD supply chain -- and beyond -- are prepping for the standards. Continue Reading
-
The future of facial recognition after the Clearview AI data breach
The company that controversially scrapes data from social media sites for law enforcement clients announced a data breach. What does it mean for the future of facial recognition? Continue Reading
-
How the future of data privacy regulation is spurring change
Some companies have taken steps to improve data governance in anticipation of data privacy rules. Experts discuss the challenges of compliance in a shifting regulatory landscape. Continue Reading
Manage Information security laws, investigations and ethics
Learn to apply best practices and optimize your operations.
-
Updating the data discovery process in the age of CCPA
Privacy regulations are changing the enterprise data discovery process. Now, automation is key for fulfilling data discovery mandates, including those for CCPA and GDPR. Continue Reading
-
Top tips for using the Kali Linux pen testing distribution
It's the best Linux distro for penetration testers' toolkits, but it's not just any Linux. Get tips on Kali Linux pen testing from project lead Jim O'Gorman. Continue Reading
-
Compliance rules usher in new era for personal data privacy policy
With the rollout of data privacy regulations, individual data rights and the right to be forgotten are forcing organizations to re-examine how they handle customer information. Continue Reading
Problem Solve Information security laws, investigations and ethics Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
How to create a ransomware incident response plan
The increase in recent attacks makes clear the need for a ransomware incident response plan. Here's how to limit the effect of such attacks, as well as what to do if infected. Continue Reading
-
What are the roles and responsibilities of a liaison officer?
While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them critical to incident response. Continue Reading
-
CISO tackles banking cybersecurity and changing roles
Over the course of his career in security, Thomas Hill has held varied positions that inform his views on both technological specifics and strategic roles in modern corporations. Continue Reading