• $16M Anthem Penalty Illustrates the Need for HIPAA Compliance 2018-10-18

    Back when they were new on the scene, HIPAA's privacy and security rules didn't get much respect. Beginning with the privacy rule's introduction in 2003, the Office of Civil Rights received thousands of complaints and investigated thousands of infractions each year, but took little or no corrective action. In fact, the OCR didn't issue a single fine for a HIPAA privacy or security rule violation between 2003 and 2008. It's easy to understand how HIPAA got a reputation as a toothless mandate, but things have changed over the last ten years. If anyone needed a reminder of the fact, the OCR delivered one this week with its $16 million fine for the Anthem data breach. The penalty is nearly triple the previous record for a HIPAA fine, and sends a clear message that organizations can expect to pay a heavy toll for neglecting their data protection...

    Read more: $16M Anthem Penalty Illustrates...

  • Automating Your Data Defense 2019-11-20

    Faced with staffing shortages, skill gaps, and evolving cyber threats, security professionals around the world are beginning to recognize that automation is the future of information security. There’s simply no way that security managers—or end users—can be expected to evaluate every risk and apply appropriate protection to the constantly-multiplying volumes of data they handle.

    Read more: Automating Your Data Defense

  • Compliance Check: NYCRR 500 Phase 3 2018-10-03

    We're now three quarters of the way through New York's two-year-long implementation of its cybersecurity law for financial services companies. The first law of its kind in the US, NYCRR 500 sets best-practice cybersecurity requirements for all banks, mortgage companies, insurance companies, and other organizations that do business in New York. The requirements are being phased in between March 1, 2017 (when the law first took effect) and March 1, 2019.

    Read more: Compliance Check: NYCRR 500 Phase 3

  • Cyber Wars: Every Backdoor Is an Open Door 2018-02-05

    No one expects politicians to be experts on every subject. Elected officials and agency directors have to make decisions on dozens of complicated issues, many of which lie far outside their areas of expertise. That's why public discussion and expert opinions have always played key roles in shaping our laws and policies. Here at PKWARE, we're deeply involved in the ongoing debate about strong encryption, and whether governments can (or should) require backdoors for encrypted communications and devices. While some politicians have advocated against backdoors, many others in Congress and law enforcement continue to call for measures that would make our data less private and less secure.

    Read more: Cyber Wars: Every Backdoor Is an...

  • Cyber Wars: Is a Digital Pearl Harbor in Our Future? 2018-01-08

    We've seen plenty of massive data breaches in recent years— thefts that involve the personal info of hundreds of millions of people and cost the affected companies hundreds of millions of dollars. So far, however, we seem not to have learned our lesson. Cybersecurity continues to take a back seat to dozens of other issues in corporate boardrooms, in legislative chambers, and in the media. It's time to ask the obvious question: how much worse do things need to get before our attitudes change?

    Read more: Cyber Wars: Is a Digital Pearl...

  • Cyber Wars: What Is Government's Role? 2018-02-15

    Who owns cybersecurity? Cyber attacks negatively impact governments, corporations, and individuals on a daily basis. One of the many reasons for our ongoing vulnerability is that we lack a cohesive approach for defending US interests against cyber threats. It has become painfully clear that neither the government nor the private sector can solve the problem on its own. There must be a joint effort in protecting our country’s national interest in terms of cyber security.

    Read more: Cyber Wars: What Is Government's...

  • GDPR is Officially the Law. Now What? 2018-05-25

    The moment has finally arrived. As of 12:00am on May 25, after two years of preparation and a massive last-minute barrage of privacy policy updates, the General Data Protection Regulation has the force of law across the European Union. Whether they've stayed ahead of the compliance curve since the law was first announced, or have kept their heads in the sand and made no preparations at all, organizations around the world are all wondering the same thing: What happens next?

    Read more: GDPR is Officially the Law. Now...

  • GDPR: Your 90-Day Compliance Checklist 2018-02-26

    After two years of controversy and confusion, the era of the GDPR is about to begin. As of May 25, Europe's groundbreaking General Data Protection Regulation will have the force of law in all 28 EU member nations, fundamentally changing the way businesses and government agencies deal with personal data.

    Read more: GDPR: Your 90-Day Compliance...

  • Is the US Getting Closer to a National Cybersecurity Law? 2018-12-06

    From the moment Europe's leaders began discussing the law that would eventually become the GDPR, it seemed almost inevitable that the United States would some day pass a national cybersecurity law of its own. After all, as the center of the world economy, America presents the largest attack surface for anyone looking to steal consumer data, trade secrets, or other sensitive information. America's GDPR may still be years in the future, but the country appears to be taking another step in that direction. Recent comments from Senator Mark Warner and other high-profile politicians, in the wake of the recently-uncovered breaches at Marriott and the National Republican Congressional Committee, suggest that there may be growing support in D.C. for a national...

    Read more: Is the US Getting Closer to a...

  • It's Official: Colorado's New Cybersecurity Law Takes Effect 2018-09-06

    A few years from now, stories like this may not even qualify as news. That's how quickly cybersecurity laws—nearly unheard of until recently—are becoming the norm. For now, though, each new law is worth noting, and the Colorado Protections for Consumer Data Privacy law, which took effect on September 1, is the latest law to hit the books in the US.

    Read more: It's Official: Colorado's New...

  • PKWARE Recognized in 2018 CRN Partner Program Guide 2018-04-02

    PKWARE is excited to be in this year’s CRN®, a brand of The Channel Company, Partner Program Guide! The annual guide features partner programs from technology vendors that provide products and services through the IT channel. CRN® evaluated vendors based on investments in program offerings, partner profitability, partner training, education and support, marketing programs and resources, sales support and communication.

    Read more: PKWARE Recognized in 2018 CRN...

  • PKWARE’s Jen Ferguson Named 2018 CRN Women of the Channel Honoree 2019-09-04

    PKWARE is proud to announce that CRN, a brand of The Channel Company, has named Jen Ferguson, Director of Partner Marketing, to its prestigious 2018 Women of the Channel list. The executives on this annual list span the IT channel, representing vendors, distributors, solution providers and other organizations that figure prominently in the channel ecosystem.

    Read more: PKWARE’s Jen Ferguson Named 2018...

  • Smartcrypt in Action 2018-09-12

    If you want to see what data-centric protection really looks like, PKWARE's new demo videos are here to show you.

    Read more: Smartcrypt in Action

  • The Age of Encryption Has Arrived 2018-01-11

    In the life of every important technology, there’s a tipping point—a moment when the technology ceases to be a niche product or an emerging concept and becomes a part of everyday life. For mobile phones, to choose an obvious example, that moment came almost twenty years ago. For cloud computing, it was perhaps five years ago. For encryption, it’s happening now.

    Read more: The Age of Encryption Has Arrived

  • The GDPR Right to Be Forgotten: How Will It Work? 2018-03-28

    With less than two months to go before the GDPR effective date, companies around the world are beginning to flip the switches on the new products, business processes, and communication campaigns they’ve implemented in hopes of complying with the law. Despite the EU’s efforts over the last two years to explain what the regulation requires and how it will be enforced, a great deal of uncertainty remains. Until GDPR supervisory authorities begin to issue fines for noncompliance—and organizations begin to challenge those fines in court—no one can say for sure which of the law’s provisions deserve the most attention. The GDPR’s much-publicized "right to be forgotten," however, seems certain to generate interest on the part of consumers, corporations, and supervisory authorities from day one.

    Read more: The GDPR Right to Be Forgotten:...

  • To Simplify GDPR Compliance, Reduce Your Attack Surface 2018-04-25

    One month from today, Europe’s General Data Protection Regulation will take effect, and the security strategies prepared by organizations around the world will be put to the test. The GDPR presents a complex challenge, creating new rules for corporations and new rights for the individuals whose data those corporations collect and process. The more data an organization has, the more difficult it will be to meet that challenge.

    Read more: To Simplify GDPR Compliance,...

  • What If They Were Paper Files? A Data Protection Journey to the Past 2018-02-13

    Cybersecurity isn’t the easiest thing in the world to visualize. Since we don’t actually see information as it travels across networks or is written to disks, it can be difficult to picture exactly what needs to happen in order to keep data safe. So just for fun, we’re going to do a bit of time travel to see what today’s data protection concepts would look like if they were applied to paper files instead of digital ones. We don’t need to go back too far—40 years will do the trick—to arrive at a time when the vast majority of information was still being created and stored on paper. Imagine, if you will, that it’s 1978. Most large companies are already using computers to perform certain tasks, and early adopters are beginning to buy personal computers like the TRS-80 and Apple II. The majority of workers, however, still do their work on paper, and that’s what you’ll be doing today after your $1.75 taxi ride to the company headquarters.

    Read more: What If They Were Paper Files? A...

  • What We Heard at RSA 2018-05-08

    It was great to see everyone at this year’s RSA conference! The year’s biggest industry event is an ideal opportunity to gain insight into the trends and developments that are shaping the future of cybersecurity. Here’s a quick rundown of the recurring themes we heard in our conversations with information security professionals from around the world.

    Read more: What We Heard at RSA