Cybercrime can look different for every organization, and consequences could vary. The dangers of cyberattacks don’t limit only to hackers stealing personal or company information — they can also be expensive. The cost of recovering from a cyber-attack can be costly or put organizations out… Read More »Cybersecurity Trends Mid-2022
CCPA, the recent legal privacy innovation in the US, has introduced a lot of requirements for online businesses. We have previously covered the principle of accountability in both CCPA and GDPR, and how an audit log of all data-related activities as well as handling user… Read More »Three Reasons Why CCPA Compliance May Require SIEM
In today’s dynamic world, the fifth generation of global wireless technology (or as we know it, 5G) is driving innovation in the financial sector, and the global pandemic is changing everyone’s lifestyle and payment habits, online payments become more and more important. Against this backdrop,… Read More »Using SIEM for Simplifying PSD2 Compliance
Audit logs are that thing that everyone has a good grasp about in theory, but is hard to define in practice. We have previously covered what is an audit log in IT context and now we’ll focus on why it’s important for security. Why Are… Read More »The Importance of Audit Logs for Security
Why is SIEM Important for Regulatory Compliance? A security information and event management (SIEM) system can improve the security of your business’ computer network with real-time automation, monitoring, logging and event alerts. By leveraging SIEM Software, your security team is able to track events concerning your company’s… Read More »Using SIEM for Regulatory Compliance: Importance, Best Practices, Use Cases
Cyber-attacks are becoming increasingly commonplace and dangerous with both the chance and cost of a data breach constantly growing – over 36 billion records were exposed only in the first half of 2020 and the average total cost of a breach was almost $4 million.… Read More »Free Ebook: The Benefits of SIEM
Cybersecurity is increasingly becoming a topic for legislators, especially for the public sector, critical infrastructure, healthcare, education, the financial and the insurance sectors. In the US, in addition to several federal laws (HIPAA, HITECH, GLBA, SOX, FISMA, CISA), there are many state-level laws that impose… Read More »US Cybersecurity Laws Overview And How SIEM Can Help
Threat intelligence has been a very important asset to cybersecurity- knowing in advance some properties of malicious actors is key for preventing security incidents. Most typically these properties are IP addresses, domains, emails and file hashes, and being able to compare them to what’s happening… Read More »The Importance Of Threat Intelligence Sharing Through TAXII And STIX
PSD2 is the new EU Directive that aims to open up the banks and allow non-banking institutions to provide payment services. It is a great thing but it comes with many requirements. They are in the form of implementing and delegated acts of the European Commission as… Read More »PSD2 Requirements and Secure Logs
SIEMs can help detect different kinds of issues related to information security. Some of these issues are vital to the organization as they affect confidential data, or can even lead to personal data leaks.
The number of cyberattacks has increased five-fold after COVID-19, as the pandemic brought new opportunities to cybercriminals. At this rate, cybersecurity threats are estimated to cost the world US $6 trillion a year by 2021. Since remote working became “the new normal”, it also became… Read More »Free Ebook: SIEM for Work From Home Security
What is a SIEM? SIEM stands for Security information and event management. This technology has existed since the late 1990s. Traditional SIEM has been joined by a broad use log management technology that focuses on collecting various types of logs and events for different purposes,… Read More »SIEM: What Is SIEM, How It Works, and Useful Resources
The Sarbanes-Oxley Act (SOX) establishes requirements for the integrity of the source data used in financial transactions and reporting. In particular, auditors are looking at regulated data residing in databases connected to enterprise applications. To prove the integrity of financial data, companies must extend… Read More »Using SIEM for Simplifying SOX Compliance
SIEMs (Security information and event management systems) are often considered sufficient for certain compliance needs – they “tick” boxes on numerous standards and regulations and have built-in compliance reports. However, legacy SIEMs don’t always work for the compliance department. While in theory, they support the… Read More »Legacy SIEMs Don’t Work For The Compliance Department
SIEM Deep Dive: Financial Regulatory Compliance The financial sector – from international banks to fintech startups – are required to comply with numerous standards and regulations regarding information security, KYC and AML, open banking, and more. The financial sector is also a primary target of… Read More »Ebook: Using SIEM for Financial Compliance
The Importance of Using SIEM to Comply with European Regulations Regulations such as GDPR give EU individuals more control over their personal data, however, they also compel organizations to utilize stronger security and privacy controls when storing or processing personal data. Security information and event… Read More »Ebook: Using SIEM for GDPR and NIS Compliance
What Is Directive on Security of Network and Information Systems (NIS) The NIS Directive (Directive on Security of Network and Information Systems) is a European Union directive that (broadly speaking) defines cybersecurity requirements for operators of essential services. The definition of “essential services” is broad… Read More »Four Types of Software for NIS Directive Compliance
Security Information and Event Management (SIEM) systems are crucial for every organization as they are able to detect malicious acts and even to prevent them. By converting simple audit logs into a very detailed behavior analysis, SIEMs can help in achieving full data protection and… Read More »Free Webinar: SIEM – Benefits and Pitfalls
SWIFT is a global provider of secure financial messaging services that connects thousands of banks, financial institutions and corporations all over the world. However, it does not monitor or control the messages that users send through its system. So, all issues with privacy and compliance… Read More »SWIFT: Covering Key Consumer Security Controls
It has been 2 years since GDPR came into effect and it seems privacy and data protection have never been more important. During this period, many companies like British Airways, Marriott, Google, 1&1 Telecom GmbH were fined for data protection violations and suffered painful reputation… Read More »GDPR: How to Achieve Compliance with Minimal Effort
It is no secret that the German healthcare sector is heavily regulated in all possible aspects. The new Digital Health Applications Ordinance (DiGAV) of 21st April 2020 allows only approved digital health apps (DiGA) to be reimbursed by the patient’s health insurance. We have previously… Read More »How to Easily Cover the New DiGAV Data Protection Requirements
Privacy and data protection have never been more important. From anxious consumers to activist regulators, everybody seems to have data protection on their minds. The proliferation of regulations and the increasing complexity of data and IT architectures create challenges for organizations of all types. We… Read More »GDPR: Compliance, Best Practices, Security Safeguards
Privacy legislation around the world is different in its technicalities but has a lot in common. The most famous recent laws are GDPR (EU but with extra-territorial effect) and CCPA (California, but practically affects the US and even services outside the US). The Accountability Aspect… Read More »The Role of Accountability in Data Privacy As Seen in GDPR and CCPA
The financial sector is heavily regulated in all aspects imaginable. We have previously covered PSD2 and the corresponding EBA guidelines with regard to having a secure audit trail and related security functionalities. Now there are new EBA guidelines on ICT and security risk management that banks must be compliant… Read More »Audit Trail In New PSD2 Requirements: EBA Guidelines on ICT and Security Risk Management
It’s been almost two years since GDPR came into force. During this period, many huge companies were under the hackers’ radar and they suffered from losing both reputation and financial assets.
Most organizations have clearly separated roles for the Chief Compliance Officer and Chief Technical Officer. And this has worked well up until recently, as most standards and regulations had mostly legal and procedural implications and technical input was rarely required. At the same time, the CTO has been… Read More »The Need For A Chief IT Compliance Officer
HIPAA, the US healthcare regulation, has some rigid requirements about data security and privacy. That aligns perfectly with LogSentinel’s mission so we decided to help our customers in their HIPAA compliance efforts by providing a clear mapping between HIPAA requirements and LogSentinel SIEM’s functionality. #… Read More »How To Cover HIPAA Security Rule Regarding Audit Trail
California Consumer Privacy Act (CCPA) is the new privacy law in California that affects a lot of organizations due to its extraterritorial effect. We have already covered CCPA with a high-level overview, covering what is it about, who is bounded to comply with it, what are the… Read More »Database Security and CCPA Compliance
Digital Identity is a hot topic and is applicable to a wide range of scenarios. Virtually any organization has some form of digital identity in order to authenticate its employees, and some organizations, like banks and governments, have been identity providers to millions of people… Read More »NIST: Digital Identity Requires Secure Audit Trail
This week The Court of Justice of the European Union ruled that websites are liable for Facebook’s tracking activities. This is an important decision that clarifies one of the most important outstanding GDPR issues – whether the consent you’ve given to Facebook exempts website owners from… Read More »Facebook Social Plugins and GDPR: The Court of Justice Ruling
