

And other things that keep you up at night


Browsed By
Category: Compliance

Key Requirements of the NY SHIELD Act and How to be Compliant

Chris Nieves
As more and more attacks occur each year, with a record 4.1 billion records breached in just the first half of 2019 according to Forbes, data security regulation is becoming more of a priority. Just as we suspected with the signing of the GDPR regulation in the EU, similar regulation has sprung up in the U.S., with the CCPA on the west coast in California and, most recently, spreading to the east coast in New York with the signing of the ‘Stop Hacks and Improve Electronic Data Security’ o…

What is the California Consumer Privacy Act (CCPA)?

The EU GDPR took the world by storm, upping the compliance ‘ante’ and causing other countries to follow suit in protecting consumer privacy. While the United States hasn’t implemented any federal regulation of this sort, many states have begun to implement their own regulations at the state level. For California, the clock has already begun ticking with the California Consumer Privacy Act (CCPA), a GDPR-like regulation with a compliance timeline of January 1st, 2020. The CCPA int…

What is the NYDFS Cybersecurity Regulation?

The New York Department of Financial Services released the NYDFS Cybersecurity Regulation (23 NYCRR 500) in 2017, a set of regulations that place cybersecurity requirements on all DFS-regulated entities. This regulation was put into effect at a time when cybersecurity threats are growing, with players ranging from nation-states such as Russia to independent criminal actors or even terrorist organizations. The goal of this regulation is to not only protect customer information but to also pr…

What is APRA’s CPS 234? Part 2

This is the second part of a two-part series on APRA’s new prudential standard, CPS 234, and how it can potentially impact an organisation. Part 1 focused primarily on the background of CPS 234 and the first controls to put in place to begin getting ready. Today we are going to talk about the additional steps necessary around risk management and some of the best practices to assist with that risk management with regard to data within an organisation. H…

What is APRA’s CPS 234? Part 1

If you are located in Australia or do business in Australia, you may be an Australian Prudential Regulation Authority (APRA) regulated entity. If you are unsure, take a trip to APRA’s website and see whether it’s applicable to you or not. For the sake of this blog let’s say you are regulated or are just interested in what it means if you are. In that case, you may be subject to the new prudential standard of CPS 234. So, What Actually is CPS 234? CPS 234 is a prudential standard tha…

Office 365 Security and Compliance: Admin Guide to Creating Labels and DLP Policies

Data loss is defined as data that gets misplaced, removed without authorization, leaked outside of the organization or otherwise corrupted, perhaps due to malware. Failure to prevent data from being ‘lost’ can result in hefty fines, especially for organizations that have to comply with the General Data Protection Regulation (GDPR), where they can be fined up to 20 million Euros, or 4% of annual, worldwide turnover. In this guide, I will show you how you can leverage Microsoft Office 365 Sec…

Taking a Data Centric Audit and Protection (DCAP) Approach Avoids the Weaknesses of a Siloed Data Security Strategy

Data Centric Audit and Protection (DCAP) is a term defined by Gartner back in 2017 in response to the weaknesses of the Data Security Governance practices at the time. At that time, data protection strategies focused on the security of the application, or storage system that contained the data. This focus led to a variety of technology-specific security tools which tended to be owned and managed by different teams within IT. This siloed approach to data security worked well as long as the dat…

How Stealthbits Helps Our Customers Comply With The CDM Program Guidelines

Continuous Diagnostic and Mitigation (CDM) Guidelines, Programs, and More. The Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program provides DHS, along with Federal Agencies, with capabilities and tools that identify cybersecurity risks on an ongoing basis, prioritize these risks based on potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first. Con…

What is ITAR Compliance? How Stealthbits can Help

Adam Laub
What is ITAR Compliance? The International Traffic in Arms Regulations (ITAR) is a United States regulatory compliance standard that restricts and controls the export of defense and military-related technologies to safeguard U.S. national security. The U.S. Government requires all manufacturers, exporters, and brokers of defense articles, defense services or related technical data to be ITAR compliant. What are ITAR Requirements? For a company involved in the manufacture, sal…




© 2022 Stealthbits Technologies, Inc.
