Data privacy has evolved alongside technological sophistications and advancements in cybersecurity attacks. Personally identifiable information (PII) gathered by companies have more than one rite of passage to affirm their safety from misuse that could lead to identity theft, fraud, data loss, or nonconsensual tracking and processing. With the increased regulatory interests at the state, federal,… Continue reading Homomorphic Encryption: Future of Secure Data Processing & Encrypted Computing
IBM OpenPages GRC Services | GRC Consulting – iTechGRC
Tag: Data Privacy Management
Data Management and Data Governance: What’s the Difference?
You have probably heard about data management and data governance several times in our blogs. You aren’t the only one assuming they mean the same or involve similar functions. Although they are related, there are significant differences between them. Let’s dive into understanding how these two concepts differ and operate. What is Data… Continue reading Data Management and Data Governance: What’s the Difference?
U.S. Data Protection and Privacy Laws: Federal Updates (Part2)
As states in the U.S. intensify data protection guardrails, efforts escalate at the federal level with new rule proposals, prompt actions, and legal settlements. C-level and data privacy leaders worldwide are actively raising the bar with effective data governance to keep their firms risk-free and compliant with data protection and privacy laws. iTech GRC’s IBM-certified… Continue reading U.S. Data Protection and Privacy Laws: Federal Updates (Part2)
Four Lessons on Avoiding a GRC Failure
Large corporations, brands, and enterprises have a fair share of reasons to fall behind their governance, risk, and compliance management objectives, resulting in a massive GRC failure. It is common knowledge that getting a hold of GRC needs is complicated, but regulatory bodies and governments quickly slap hefty penalties that can run into billions of… Continue reading Four Lessons on Avoiding a GRC Failure
Rise of Social Engineering: Types of Social Engineering Attacks (Part 2)
After a prelude to the concept of social engineering as an emerging form of cybersecurity attack, let’s explore the different forms your enterprise may likely encounter. First, let’s have a quick look at some stats on social engineering assaults: An average business encounters nearly 700 social engineering attacks annually. 50% of social engineering attacks… Continue reading Rise of Social Engineering: Types of Social Engineering Attacks (Part 2)
U.S. Data Privacy Laws 101
The consumer data collection process is saturated with ethical and legal complexities. Yet, firms cannot get enough of this ‘digital fuel’ for their business and marketing initiatives. With new technologies and methods of personal data collection, consumer literacy about data privacy rights and risks challenges the so-called privacy paradox—consumers care about privacy but fail to… Continue reading U.S. Data Privacy Laws 101
Unraveling GDPR: GDPR Compliance Checklist for U.S. Companies (Part 2)
As businesses rapidly turn digital, it is incredibly easier to interact globally and engage using customers’ data. GDPR’s data privacy regulations serve as the ultimate guardrail for U.S. businesses involved in trans-Atlantic data transfers and the data processing and monitoring activities of its EU and EEA customers. However, the learning curve is not steep. Almost… Continue reading Unraveling GDPR: GDPR Compliance Checklist for U.S. Companies (Part 2)
Unraveling GDPR Requirements and How Some of it Impacts the U.S. (Part 1)
Six years after its enforcement, the European General Data Protection Regulation (GDPR) is now an exclusive industry in the U.S. There are about half a million jobs for data protection officers (DPOs). Companies like Meta, Amazon, and Google are charged with fines worth billions of dollars fines for non-compliance. A takeaway is that GDPR’s extraterritorial… Continue reading Unraveling GDPR Requirements and How Some of it Impacts the U.S. (Part 1)