Get started
Bring yourself up to speed with our introductory content.
Get started
Bring yourself up to speed with our introductory content.
Whistleblower Protection Act
The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring in a government ... Continue Reading
Identify gaps in cybersecurity processes to reduce organizational risk
Organizational risk is a given at modern companies. But as threats persist, identifying preventable cybersecurity gaps presents an opportunity to strengthen enterprise defenses. Continue Reading
smart contract
A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies or assets between parties under certain conditions. Continue Reading
-
Key elements of an effective incident response playbook
In this book excerpt, cybersecurity expert and author Bryce Austin highlights the importance of creating an effective incident response plan and delineates its key elements. Continue Reading
Gearing up to meet GDPR compliance requirements
In this webcast, attorney Nicholas Merker discusses the necessary steps companies should be taking to meet the EU's looming GDPR compliance requirements. Continue Reading
risk map (risk heat map)
A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A risk map helps companies identify and prioritize the risks associated with their business.Continue Reading
FAQ: How is the Privacy Shield Framework being enforced?
The FTC has issued its first enforcement actions for companies found in violation of the EU-U.S. Privacy Shield Framework, but are the rules doing enough to protect consumer data?Continue Reading
GDPR rules putting a spotlight on consumer data privacy
Nick Merker, a partner at Ice Miller law firm, discusses how GDPR rules are influencing data privacy efforts and offers tips about how U.S. companies can remain GDPR compliant.Continue Reading
internal audit (IA)
An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine how well it conforms to a set of specific criteria.Continue Reading
FAQ: How does EU GDPR compliance change data protection processes?
In this FAQ, learn how compliance with the EU's General Data Protection Regulation requires companies to rethink their data protection policies and processes.Continue Reading
-
pure risk (absolute risk)
Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if it occurs: loss.Continue Reading
Cybersecurity governance falls short amid rising security budgets
Companies still struggle to adapt risk management strategies to face modern threats, but maturing their cybersecurity governance processes is a step in the right direction.Continue Reading
risk assessment
Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.Continue Reading
audit program (audit plan)
An audit program, also called an audit plan, is an action plan that documents what procedures an auditor will follow to validate that an organization is in conformance with compliance regulations.Continue Reading
PCI DSS compliance (Payment Card Industry Data Security Standard compliance)
Payment Card Industry Data Security Standard (PCI DSS) compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information.Continue Reading