Edgile has released its Q2CY16 GRC (Governance, Risk and Compliance) Content report, which provides regulatory updates across a range of industries and examines significant data breaches in Q2. The report gives businesses information about new laws and regulations affecting them, covering PCI DSS, GLBA, HIPAA and more, to protect against cyberattacks.
The report indicates that ransomware attacks such as CryptoLocker and CryptoDefense are becoming more frequent and sophisticated. These attacks run executable code that secretly encrypts key files on an infected device, then display a 'ransom' note demanding payment (usually in Bitcoin or other e-currency) in order to decrypt the files via a private key.
The Q2CY16 report includes significant changes that affect businesses, such as new controls in existing PCI DSS requirements and new provisions imposing duties on service providers to detect and report on failures of critical security control systems. The report also covers a set of security controls created by the Cloud Security Alliance (CSA) to help businesses assess the risks associated with a cloud computing provider.
Edgile maintains its own database of industry-specific harmonized laws and regulations, known as the Edgile GRC Content Library, which is available on a paid, quarterly subscription basis to help clients address their compliance and regulatory requirements. This database is maintained by Edgile compliance experts in PCI DSS, Sarbanes-Oxley, FFIEC, GLBA, FRB Reg A-YY, HIPAA, Privacy, FDA, NERC CIP and more. It monitors federal regulatory amendments and state privacy laws, including new state sources for personal information protection, security breaches, data sharing, identity theft and notification.