What is DORA? DORA stands for the Digital Operational Resilience Act. It is the framework introduced by the European Commission to govern ICT risk management and incident management, along with the management of risks related to third-party service providers. The legislation was introduced in September 2020 and formally adopted in 2022. Purpose of DORA? Before the […]
What is the EU AI Act? The European Union introduced the Artificial Intelligence Act (AI Act), a regulatory proposal concerning artificial intelligence within the EU. Presented by the European Commission on April 21, 2021, this legislation is the inaugural comprehensive AI law globally. The proposed EU Artificial Intelligence Act seeks to categorize and oversee artificial […]
With Christmas around the corner, we all hope to make it to Santa’s ‘Nice’ List! The rules of the game are simple: be good year-round, and in return, Santa will place you somewhere in his Nice List. Be not-so-good, and you will get bumped onto the ‘Naughty’ List. However, in the world of Cybersecurity, there’s […]
The California Consumer Privacy Act: In May 2018, when the General Data Protection Regulation (GDPR) came into effect, many organizations were not ready for it on the mistaken assumption that it does not apply to their business. But it did apply to many of them. It is likely that the new “California Consumer Privacy Act” […]
The Payment Card Industry Security Standards Council recently released their updated Information Supplement: Penetration Testing Guidance. The guidance document was last published in 2008 under the heading ‘Requirement 11.3 Penetration Testing’. The updated document marks a major difference in the approach taken by the PCI Council to clarify and educate stakeholders about the standard’s requirements […]
Objectives of IT legislation in India: The Government of India enacted its Information Technology Act 2000 with the objectives officially stated as: “to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to […]
Bring your own device (BYOD) is the business policy of letting employees bring their own devices to the workplace for work. The concept has gained popularity in recent years mainly due to the following reasons: Employees are more willing to spend on their devices as they have the ownership of the device. Maintenance and protection […]
On the 2nd of July 2013, the Indian Government formally approved and published the National Cyber Security Policy (NCSP). The policy had been lying as a draft document, awaiting its formal release, for some years now. Whether it is the USA’s PRISM program or some other factor that pushed the Government to officially release it, […]