Turning Compliance Into Tangible Security

Jun 23, 2021 1:44:50 PM By Roger Grimes

Compliance and security are supposedly about risk management. Both seek to reduce the chances that threats and their risks will be able to successfully exploit a target. But they are ...

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

Jan 7, 2021 10:55:23 AM By Stu Sjouwerman

SolarWinds and some of its executives have been accused of lying to shareholders about its security. In a class-action lawsuit filed by shareholders Solarwinds, outgoing CEO Keven ...

[Heads Up] Was SolarWinds Really A Daisy Supply Chain Attack?

Jan 7, 2021 8:50:50 AM By Stu Sjouwerman

The NYT just reported the next revelation regarding the SolarWinds hack. The Russian FSB may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic.

Security Awareness Training Compliance and .GOV

Oct 17, 2020 9:55:32 AM By Stu Sjouwerman

A customer sent me the following observation which is something I have been trying to get across for the last 10 years: "I found this interesting – and potentially disconcerting. This ...

How To Get And Stay Compliant With The New California Consumer Privacy Act (CCPA):

Jul 8, 2020 11:27:36 AM By Stu Sjouwerman

California's new AB 375 privacy law is not as bad as GDPR, but the details are still in flux. CCPA does not have some of GDPR's most scary requirements like the very short 72-hour window ...

Six Security Questions You Should Keep in Mind for Third Parties

Feb 6, 2020 8:23:45 AM By Jelle Wieringa

Organizations are beginning to understand the consequences of a data breach or a phishing attack and the negative impact they can really have. But what are the security risks for third ...

Confront Apprehensive Compliance Before Disaster Strikes

Jan 22, 2020 8:36:35 AM By Joanna Huisman

This blog is co-written by Aimee Laycock and Joanna Huisman When it comes to fostering a more secure environment it’s not a question of wanting to…it’s more like YOU HAVE TO. ...

December Content Update: Includes New Versions of Email Exposure Check Pro and Phishing Security Test Tools

Jan 8, 2020 5:36:43 PM By Stu Sjouwerman

Here are a few important updates to share with you from the month of December.

[LEGAL ALERT] What You May Have Overlooked in the Run Up to CCPA Compliance

Dec 27, 2019 12:04:30 PM By Stu Sjouwerman

LAW.COM had a very good reminder that you really need to keep in mind. Here is an extract: "With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some ...

99 Percent Of All Misconfigurations In The Public Cloud Go Unreported

Sep 28, 2019 8:22:58 AM By Stu Sjouwerman

Charlie Osborne at ZDNet wrote: "Today's data breaches often seem to be caused not just by malware infections or external threat actors, but human error, insiders with an ax to grind, and ...

Financial Phishing Campaigns on the Rise

Aug 29, 2019 7:01:35 AM By Stu Sjouwerman

More than 1900 new potential bank phishing sites were registered in the first half of 2019, according to researchers at NormShield. Based on the increase in new suspicious domains ...

British Airways Hit With Record $229 Million GDPR Fine Following 2018 Data Breach

Jul 8, 2019 1:56:02 PM By Stu Sjouwerman

U.K.-based airline British Airways (BA) is facing a record fine of £183 million ($229 million) after suffering a cyberattack in September last year. The U.K. Information Commissioner’s ...

Nearly Half of US Orgs Not Ready for California Consumer Privacy Act Deadline

May 6, 2019 8:00:00 AM By Stu Sjouwerman

InfoSec Mag observed something a bit worrisome. "In advance of the California Consumer Privacy Act (CCPA) going into effect January 1, 2020, researchers analyzed how prepared US ...

Vendors are Responsible for Almost Half of All Data Breaches

Apr 29, 2019 7:04:18 AM By Stu Sjouwerman

The latest data from a survey of 600 SpiceWorks IT and Security professionals shows that vendor users aren’t doing their part to keep your organization’s data safe.

NY Cyber Law Hits 3rd Deadline: Toughest Yet to Come, How To Get And Stay Compliant?

Sep 4, 2018 3:41:09 PM By Stu Sjouwerman

Craig A. Newman, partner at Patterson Belknap wrote: "By today, financial institutions are required to meet their next deadline for compliance with New York’s cybersecurity law. The ...

[Heads-up] The May 2018 GDPR Deadline May Fuel New Extortion Attempts

Feb 20, 2018 11:21:29 AM By Stu Sjouwerman

Trend Micro has released its annual security roundup, and it shows several interesting trends that will likely continue into 2018. There is bad news and worse news, with a little bit of ...

KnowBe4 Attains SOC 2 Type I Compliance For The Hosted Phishing And Training Product Offerings

Feb 11, 2018 1:59:38 PM By Stu Sjouwerman

KnowBe4, Inc, the world's largest security awareness training and simulated phishing platform, this week announced it has successfully completed a Service Organization Controls (SOC) 2 ...

Which EU 2018 Directive Is More Important Than GDPR?

Jan 3, 2018 4:19:17 PM By Stu Sjouwerman

If you have sales offices in Europe, or full subsidiaries, you need to be aware of the NIS directive. Peter Dekker at Enisa warned about the following: During 2017, the GDPR buzz reached ...

Complex regulations and sophisticated cyber attacks inflate non-compliance costs

Dec 15, 2017 5:21:15 PM By Stu Sjouwerman

The cost of non-compliance has significantly increased over the past few years, and the issue could grow more serious. 90 percent of organizations believe that compliance with the GDPR ...

URGENT - If IT and Marketing are not freaking out about GDPR compliance, you are not paying attention

Nov 24, 2017 3:04:00 PM By Stu Sjouwerman

I found an article about GDPR compliance written by the fine folks of HubSpot, which we use ourselves here at KnowBe4 use for marketing automation. We have customers in Europe, so our ...

Security Awareness Training Blog

Compliance Blog

View Topics

Turning Compliance Into Tangible Security

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

[Heads Up] Was SolarWinds Really A Daisy Supply Chain Attack?

Security Awareness Training Compliance and .GOV

How To Get And Stay Compliant With The New California Consumer Privacy Act (CCPA):

Six Security Questions You Should Keep in Mind for Third Parties

Confront Apprehensive Compliance Before Disaster Strikes

December Content Update: Includes New Versions of Email Exposure Check Pro and Phishing Security Test Tools

[LEGAL ALERT] What You May Have Overlooked in the Run Up to CCPA Compliance

99 Percent Of All Misconfigurations In The Public Cloud Go Unreported

Financial Phishing Campaigns on the Rise

British Airways Hit With Record $229 Million GDPR Fine Following 2018 Data Breach

Nearly Half of US Orgs Not Ready for California Consumer Privacy Act Deadline

Vendors are Responsible for Almost Half of All Data Breaches

NY Cyber Law Hits 3rd Deadline: Toughest Yet to Come, How To Get And Stay Compliant?

[Heads-up] The May 2018 GDPR Deadline May Fuel New Extortion Attempts

KnowBe4 Attains SOC 2 Type I Compliance For The Hosted Phishing And Training Product Offerings

Which EU 2018 Directive Is More Important Than GDPR?

Complex regulations and sophisticated cyber attacks inflate non-compliance costs

URGENT - If IT and Marketing are not freaking out about GDPR compliance, you are not paying attention

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search