British Airways Hit With Record $229 Million GDPR Fine Following 2018 Data Breach

Jul 8, 2019 1:56:02 PM By Stu Sjouwerman

U.K.-based airline British Airways (BA) is facing a record fine of £183 million ($229 million) after suffering a cyberattack in September last year. The U.K. Information Commissioner’s ...

Is Compliance Security’s Worst Enemy?

Jun 24, 2019 7:14:00 AM By Stu Sjouwerman

KnowBe4’s Data-Driven Defense Evangelist, Roger Grimes, explains why compliance and security are not aligned, and why compliance actually hurts security.

No, Government Contractors Can't Falsify Claims of Compliance with Cybersecurity Standards

Jun 14, 2019 6:21:10 AM By Stu Sjouwerman

Seems obvious, but a recent lawsuit highlights the need for government contractors to comply with government-mandated cybersecurity controls.

Nearly Half of US Orgs Not Ready for California Consumer Privacy Act Deadline

May 6, 2019 8:00:00 AM By Stu Sjouwerman

InfoSec Mag observed something a bit worrisome. "In advance of the California Consumer Privacy Act (CCPA) going into effect January 1, 2020, researchers analyzed how prepared US ...

Vendors are Responsible for Almost Half of All Data Breaches

Apr 29, 2019 7:04:18 AM By Stu Sjouwerman

The latest data from a survey of 600 SpiceWorks IT and Security professionals shows that vendor users aren’t doing their part to keep your organization’s data safe.

Is Managing Your Vendor Risk Taking Up Too Much of Your Time?

Apr 23, 2019 9:37:52 AM By Stu Sjouwerman

You told us you have challenging compliance requirements, and keeping up with risk assessments is a continuous hassle.

Are Your Compliance, Risk, And Audit Projects Taking Up Too Much Of Your Time?

Nov 6, 2018 2:04:00 PM By Stu Sjouwerman

You told us you have challenging compliance requirements, not enough time to get audits done, and keeping up with risk assessments is a continuous problem.

NY Cyber Law Hits 3rd Deadline: Toughest Yet to Come, How To Get And Stay Compliant?

Sep 4, 2018 3:41:09 PM By Stu Sjouwerman

Craig A. Newman, partner at Patterson Belknap wrote: "By today, financial institutions are required to meet their next deadline for compliance with New York’s cybersecurity law. The ...

[Heads-up] The May 2018 GDPR Deadline May Fuel New Extortion Attempts

Feb 20, 2018 11:21:29 AM By Stu Sjouwerman

Trend Micro has released its annual security roundup, and it shows several interesting trends that will likely continue into 2018. There is bad news and worse news, with a little bit of ...

KnowBe4 Attains SOC 2 Type I Compliance For The Hosted Phishing And Training Product Offerings

Feb 11, 2018 1:59:38 PM By Stu Sjouwerman

KnowBe4, Inc, the world's largest security awareness training and simulated phishing platform, this week announced it has successfully completed a Service Organization Controls (SOC) 2 ...

Which EU 2018 Directive Is More Important Than GDPR?

Jan 3, 2018 4:19:17 PM By Stu Sjouwerman

If you have sales offices in Europe, or full subsidiaries, you need to be aware of the NIS directive. Peter Dekker at Enisa warned about the following: During 2017, the GDPR buzz reached ...

Complex regulations and sophisticated cyber attacks inflate non-compliance costs

Dec 15, 2017 5:21:15 PM By Stu Sjouwerman

The cost of non-compliance has significantly increased over the past few years, and the issue could grow more serious. 90 percent of organizations believe that compliance with ...

URGENT - If IT and Marketing are not freaking out about GDPR compliance, you are not paying attention

Nov 24, 2017 3:04:00 PM By Stu Sjouwerman

I found an article about GDPR compliance written by the fine folks of HubSpot, which we use ourselves here at KnowBe4 use for marketing automation. We have customers in Europe, so our ...

We're Still Not Ready for GDPR? What is Wrong With Us?

Nov 19, 2017 10:30:08 AM By Stu Sjouwerman

Sara Peters, Senior Editor at Darkreading wrote an excellent article about GDPR. It is both reprimanding and encouraging to get off our collective butts and do something about GDPR very ...

Federal Contractor? Insider Threat Training Deadline June 1- Don't Lose Your Clearance

Jun 7, 2017 4:38:21 PM By Stu Sjouwerman

Insider Threat Training Requirement for US Gov't Contractors (Deadline May 31, 2017) SANS just alerted US federal contractors that wish to maintain their clearances must have completed an ...

Cybersecurity Top Risk Consideration In Board Room

Dec 31, 2014 2:23:30 PM By Stu Sjouwerman

The Wall Street Journal polled its readers and asked them to rate the top compliance issues of 2014. The answers were very interesting!

PCI Publishes Guidance On Security Awareness Training

Nov 1, 2014 11:46:00 AM By Stu Sjouwerman

The Payment Card Industry Council thinks Security Awareness Training is so important that they just published a 25-page guidance paper that fully explains the why, how and what of ...

Federal Compliance Rules Skyrocket

Jun 22, 2014 1:24:00 PM By Stu Sjouwerman

Underscoring the difficulty of compliance management in the context of just US federal rulemaking – not to mention rules published by state, local and other governments and organizations ...

NISTs New Approach to Cybersecurity Standards

May 14, 2014 10:30:00 AM By Stu Sjouwerman

Applying Engineering Values to IT Security. The National Institute of Standards and Technology is developing new cybersecurity standards based on the same principles engineers use to ...

4.8 Million Heftiest HIPAA Fine From Federal Regulators Yet

May 12, 2014 1:55:00 PM By Stu Sjouwerman

Federal regulators have issued a $4.8 million sanction, the largest HIPAA settlement to date, against two partnering New York healthcare organizations following a breach affecting just ...

Security Awareness Training Blog

Compliance Blog

View Topics

British Airways Hit With Record $229 Million GDPR Fine Following 2018 Data Breach

Is Compliance Security’s Worst Enemy?

No, Government Contractors Can't Falsify Claims of Compliance with Cybersecurity Standards

Nearly Half of US Orgs Not Ready for California Consumer Privacy Act Deadline

Vendors are Responsible for Almost Half of All Data Breaches

Is Managing Your Vendor Risk Taking Up Too Much of Your Time?

Are Your Compliance, Risk, And Audit Projects Taking Up Too Much Of Your Time?

NY Cyber Law Hits 3rd Deadline: Toughest Yet to Come, How To Get And Stay Compliant?

[Heads-up] The May 2018 GDPR Deadline May Fuel New Extortion Attempts

KnowBe4 Attains SOC 2 Type I Compliance For The Hosted Phishing And Training Product Offerings

Which EU 2018 Directive Is More Important Than GDPR?

Complex regulations and sophisticated cyber attacks inflate non-compliance costs

URGENT - If IT and Marketing are not freaking out about GDPR compliance, you are not paying attention

We're Still Not Ready for GDPR? What is Wrong With Us?

Federal Contractor? Insider Threat Training Deadline June 1- Don't Lose Your Clearance

Cybersecurity Top Risk Consideration In Board Room

PCI Publishes Guidance On Security Awareness Training

Federal Compliance Rules Skyrocket

NISTs New Approach to Cybersecurity Standards

4.8 Million Heftiest HIPAA Fine From Federal Regulators Yet

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search

Search