PCI DSS, SOC2, vCISO, Penetration Testing, HIPAA, CIS Controls, Security Program, Risk Assessment, Privacy, CCPA, ISO27001

Do you have APIs? How do you test them?

Application Program Interfaces (APIs) have changed in nature in recent years and are increasingly (and sometimes inadvertently) being made available to users of web services, the “Apps” (applications) on mobile devices, and internally for the web application to talk to the back

HIPAA, Security Program, Privacy, CCPA

Does Privacy Shield's downfall signal the end of US-EU data transfers?

EU data protection and privacy requirements, currently established primarily in the General Data Protection Regulation (GDPR), generally restrict personal data transfers to a third country except “where the [European] Commission has decided

Privacy, CCPA

Changes to CCPA for 2021

January 1, 2021 will be the one-year anniversary of the California Consumer Privacy Act (CCPA) going into effect, at least in theory. Forced into existence through privacy activism and the threat of a state ballot initiative, it remains the first

Privacy, CCPA

CCPA grants consumers private right of action - What is that?

The California Consumer Privacy Act (CCPA) is a California state law protecting the personal information (PI) of California residents (“consumers”), and it affects most large businesses (in any state) that serve those consumers. Compliance will be

CISO, vCISO, Privacy, CCPA

No CCPA Enforcement Delay due to COVID-19

CA Attorney General will not delay CCPA enforcement due to COVID-19

An expansive new regulation like the California Consumer Privacy Act is inherently difficult to implement, even when a global pandemic isn’t preventing staff from being available
