Information Security for GDPR Compliance

When it comes to information security for GDPR compliance, all stakeholders across the organization need to be involved. The General Data Protection Regulation – the European Union’s upgrade of the current Data Protection Directive – is one of the most sweeping overhauls of data protection the world has ever seen. Not only does GDPR come[…]

Data Discovery for GDPR

Data Discovery for GDPR Compliance

Come May 25, 2018, companies doing business with persons living in the European Union must demonstrate compliance with the new General Data Protection Regulation (GDPR). An inability to demonstrate compliance could expose the company to a minimum fine of €10M, which could go as high as 4% of the company’s worldwide revenues of the preceding year.[…]

Enterprise Threat Modeling Quantifies Risk

An ad hoc, per-application threat modeling practice is a good start. After all, bringing secure coding considerations into the application design process makes creating secure, functional products on a tight agile time frame much more efficient. Over the years, ad hoc threat modeling has demonstrated its value to organizations from an AppSec perspective. However, attempting to[…]