SWIFT: Covering Key Consumer Security Controls
SWIFT is a global provider of secure financial messaging services that connects thousands of banks, financial institutions and corporations all over the world. However, it does not monitor or control the messages that users send through its system. So, all issues with privacy and compliance…
Compliance category: find out more about news and technical safeguards our company needs to take to ensure regulatory compliance.
The Role of Accountability in Data Privacy As Seen in GDPR and CCPA
Privacy legislation around the world is different in its technicalities but has a lot in common. The most famous recent laws are GDPR (EU but with extra-territorial effect) and CCPA (California, but practically affects the US and even services outside the US). The Accountability Aspect…
Audit Trail In New PSD2 Requirements: EBA Guidelines on ICT and Security Risk Management
The financial sector is heavily regulated in all aspects imaginable. We have previously covered PSD2 and the corresponding EBA guidelines with regard to having a secure audit trail and related security functionalities. Now there are new EBA guidelines on ICT and security risk management that banks must be compliant…
Webinar: Audit Trail in Large Organisations
Many organizations understand that the integrity of their audit trail is important only after a security incident takes place and they realize they cannot rely on their audit logs. Having had a lot of experience in this area here at LogSentinel, as an information security…
The Need For A Chief IT Compliance Officer
Most organizations have clearly separated roles for the Chief Compliance Officer and Chief Technical Officer. And this has worked well up until recently, as most standards and regulations had mostly legal and procedural implications and technical input was rarely required. At the same time, the CTO has been…
Technology-Driven Compliance
“Compliance” may sound boring and useless – consultants and lawyers are telling you how you should do things and then go around with checklists to see if everything fits a predefined vision of how a certain business should operate. And there are all sorts of…