SecurityScorecard Blog

As the May 25, 2018 General Data Protection Regulation (GDPR) enforcement date looms, the cloud hanging over information security and compliance professionals comes with a chance of penalties. Click to listen to the full web... Keep Reading

By Fouad Khalil With the General Data Protection Regulation (GDPR) effective date around the corner (May 25, 2018), organizations are scrambling to make sure they’re ready. Research shows organizations are planning to spend anywh... Keep Reading

Our initiative with the US Chamber of Commerce to release the Principles for Fair and Accurate Security Ratings started with defining and publishing the principles, and now SecurityScorecard is fostering this initiative by continu... Keep Reading

Hi. My name is Fouad Khalil. I’m the compliance guy at Security Scorecard. Just last week, I attended Black Hat Europe, and it was in London. I had the pleasure of engaging a lot of other security professionals, complianc... Keep Reading

By: Fouad KhalilOn May 4, 2016 after four years in the making, the European Union (EU) General Data Protection Regulation (GDPR) was published and an application date was set: May 25, 2018. With Black Hat Europe this week and ... Keep Reading

For those companies who have been following the New York Department of Financial Services Cybersecurity Requirements and have educated themselves on everything about the regulation, it was easy to jump right into the substance of ... Keep Reading

Although not a regulatory framework, the U.S. National Institute of Standards and Technology (NIST) framework is considered an industry best practice for to identifying, measuring, and managing cybersecurity risk. In the 2016 Ten... Keep Reading

The Federal Financial Institution Examination Council (FFIEC) recently issued the Cybersecurity Assessment Tool (CAT). For U.S. financial institutions that fall under the FFIEC’s purview, this is a framework that can facilitate di... Keep Reading

The Board of Governors of the Federal Reserve System’s most recent Supervisory Letter “Guidance on Managing Outsourcing Risk” (“Guidance”), released in December 5, 2013, distills the characteristics, governance, and operations req... Keep Reading