Governance, Risk and Compliance

France’s privacy watchdog fined Microsoft €60 million ($64 million) for not offering clear enough instruction for users to reject cookies used for online ads, as part of the move to enforce Europe’s tightening data protection law.

CyberScoop reports that the widespread adoption of software bills of materials continues to be a challenge.

A ransomware attack at top Colombian energy company Empresas Publicas de Medellin (EPM) may damage its credit quality, setting an alarm clock for the critical infrastructure industry to develop efficient mitigation practices and vulnerability management programs, Moody’s said.  

Here’s how employers can adhere to data privacy guidelines and regulations while monitoring employees.

AI Terrors, Infragard, Microsoft, HIPAA, GitHub, NIST, and more on the Security Weekly News!

The second OCR enforcement action announced this week stems from its HIPAA Right of Access standard, a key regulatory focus for HHS.

In a new settlement with a New Vision Dental over a possible HIPAA failure, OCR warns healthcare providers that impermissible disclosure of health information on social media violates HIPAA.

More companies now recognize that with work-from-home, the perimeter has extended out and they must secure the edge.