IBM OpenPages GRC Services | GRC Consulting – iTechGRC

Will the Cookie Crumble? Google Chrome Reverses the End of Third-party Cookies (Part 1)

A while ago, there was talk of phasing out third-party cookies entirely in 2024. Google Chrome also restricted third-party cookies to 1% of its browsers. In July, the search engine giant announced that it was reversing its plan to deprecate third-party cookies and would continue developing Privacy Sandbox APIs to enhance user consent and web privacy. Web browsers…

The Allure of Healthcare Data: Why is it a Hotbed for Healthcare Cybersecurity Breaches?

Digital health systems and data-driven medical devices enhance performance and care quality in the healthcare industry. However, converting large volumes of personal health data into digital formats for storage and usage introduces several privacy and data security concerns. Healthcare data such as patient information, clinical observations, payment details, prescriptions and treatment records, and personally identifiable…

Homomorphic Encryption: Future of Secure Data Processing & Encrypted Computing

Data privacy has evolved alongside technological sophistication and advancements in cybersecurity attacks. Personally identifiable information (PII) gathered by companies has more than one rite of passage to affirm its safety from misuse that could lead to identity theft, fraud, data loss, or nonconsensual tracking and processing. With the increased regulatory interest at the state, federal,…

Rapid Incident Response: The First 24 Hours

You’ve learned how to assess Third Party Vendor Risk and build an Incident Response Plan in a scalable style. So, when a breach does happen, having done all of this preparation can come in handy, but what is much more important is the speed and preparedness of the response. For the first 24 hours, time is…

Categorized as GRC

Data Management and Data Governance: What’s the Difference?

You have probably heard about data management and data governance several times in our blogs. You aren’t the only one assuming they mean the same thing or involve similar functions. Although they are related, there are significant differences between them. Let’s dive into understanding how these two concepts differ and operate. What is Data…

Building a Robust Incident Response Plan for Third Party Risks like CrowdStrike: A Step-by-Step Guide

In our first blog of the series on CrowdStrike Resilience, we highlighted the crucial need for assessing third-party risks, particularly considering the recent CrowdStrike outage that disrupted several Fortune 500 companies. The outage served as a wake-up call, emphasizing the importance of continuous risk assessment and the potential consequences of relying on third-party vendors for…

Categorized as GRC

Questionnaires to Assess Your Third Parties for CrowdStrike

The $5.4 Billion Outage: On July 19, 2024, Fortune 500 companies experienced a shocking $5.4 billion loss, with about 25% of them directly impacted. The most affected sectors were airlines, healthcare, and banking, with insured losses ranging between $0.5 billion and $1 billion. What caused this massive disruption? A recent CrowdStrike outage. This outage, triggered…

Categorized as GRC

U.S. Data Protection and Privacy Laws: Federal Updates (Part 2)

As states in the U.S. intensify data protection guardrails, efforts escalate at the federal level with new rule proposals, prompt actions, and legal settlements. C-level and data privacy leaders worldwide are actively raising the bar with effective data governance to keep their firms risk-free and compliant with data protection and privacy laws. iTech GRC’s IBM-certified…

U.S. Data Protection and Privacy Laws: Brand-new Updates in State Regulations (Part 1)

Several state and federal data privacy laws were passed in 2024. Both regulators and consumers are becoming increasingly concerned with data privacy loopholes and companies’ data protection measures and processing activities. As we come closer to finishing the third quarter of the fiscal year, let’s revisit some of the recent state-level updates to the U.S. data…

Categorized as GRC

Manufacturing Compliance Management 101

The margin for error in manufacturing compliance is razor-thin, as demonstrated by the infamous Abbott Laboratories case. The company was fined $100 million by the U.S. Food and Drug Administration (FDA) for failing to comply with updated medical device manufacturing regulations. The FDA’s investigation uncovered serious lapses in quality control, leading to the distribution of…

Categorized as GRC