Australia's Parliament has passed a mandatory data breach notification law that requires some organizations to tell consumers and regulators about an incident within 30 days or face hefty fines. But one security expert says the law has gaps that could pose risks.
President Barack Obama has signed the National Defense Authorization Act, legislation that includes a provision he opposes to leave the leader of the newly-elevated U.S. Cyber Command as the head of the National Security Agency as well.
Today's ISMG Security Report leads off with House Homeland Security Committee Chairman Michael McCaul and DHS Secretary Jeh Johnson lamenting about the congressional bureaucracy that hinders passage of needed cybersecurity legislation.
Western experts evaluating China's new cybersecurity law contend it will do very little to safeguard information but will erode privacy rights and make it harder for foreign enterprises to do business in China.
Businesses on both sides of the Atlantic are lauding the new U.S.-EU Privacy Shield, which gives them a legal way to handle Europeans' personal data. But privacy rights groups have criticized the agreement for falling short of the EU's own privacy protections.
A new EU law will impose minimum cybersecurity measures on organizations as well as require enterprises across multiple sectors - including the likes of Amazon and Google - to report security breaches to authorities.
Would access to better information pertaining to encryption help Congress pass good crypto-related laws? That's the impetus behind a "Digital Security Commission" and a related report being hawked by some lawmakers.
"Brexit" means that British law enforcement agencies will likely have a harder time taking a bite out of cybercrime as well-regarded intelligence-sharing relationships get severed and must be renegotiated.
By a margin of 52 percent to 48 percent, British voters have decided to leave the European Union. But as Britain renegotiates its relationship with EU member states, its mass surveillance practices will likely face sharp scrutiny.
In the wake of a majority of British voters opting to leave the European Union, the U.K. Information Commissioner's Office argues that the country should still comply with the EU's data privacy rules. But will politics get in the way?
In the event of a "Brexit" - British exit - from the European Union following this week's referendum, the U.K. would likely still have to comply with EU data protection laws, but also face cybercrime-related policing and prosecution challenges.
Since California passed its pioneering data breach notification law in 2003, many other states and some countries have followed suit. Here's a closer look at the status of breach notification requirements in four regions.