Most security incidents start with a single point of failure: a compromised identity. With 44.7% of breaches involving stolen credentials, securing the identity layer is now essential for meeting the requirements of the Digital Operational Resilience Act (DORA), in...
Compliance
Preparing for the UK’s New Cyber Security and Resilience Bill
The UK government introduced the Cyber Security and Resilience (Network and Information Systems) Bill on 12th November 2025. The Bill updates the UK’s NIS Regulations 2018 to broaden scope, strengthen reporting duties, and increase regulators’ enforcement powers. If you...
Investigating CJIS? Lock down password compliance with Specops
When we think about criminal justice and cybersecurity, the imagination isn’t immediately drawn to compliance. Meeting policy requirements isn’t as flashy or exciting as a hooded hacker using a laptop to defeat their foes. The realm of cybercrime is known...
CJIS compliance: How to meet password and MFA requirements
If you’re responsible for password security at a law enforcement agency or organization that handles criminal justice data, CJIS compliance isn’t optional. It’s the baseline for protecting some of the most sensitive information in the country. The FBI’s Criminal...
NYDFS Cybersecurity Regulation: Up-to-date compliance guidance
The stakes are high when it comes to cybersecurity in the financial sector. Financial organizations house a lot of sensitive customer data, including login credentials, personally identifiable information (PII), and banking details. The New York State Department of Financial...
HIPAA password requirements: Best practices for compliance
The digital transformation of healthcare has brought plenty of benefits, but it’s also introduced new challenges in protecting patient information. The Health Insurance Portability and Accountability Act (HIPAA) plays a critical role in ensuring that medical data remains secure....
Navigating HIPAA cybersecurity requirements: A guide for healthcare providers
Healthcare data is a prime target for hackers. It often includes personal identifying information (PII), medical records, insurance details, and financial information, which can be used for identity theft, insurance fraud, and other malicious activities. The high value of...
How to build a PCI-compliant password policy
The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines designed to protect cardholder data and ensure that organizations handling payment card information maintain a secure environment. Among its many requirements, PCI DSS places significant...
NIS2, passwords, and MFA: Everything you need to know
MFA and password security are key considerations in several regulatory frameworks, and NIS2 is no different. The NIS2 Directive is an important piece of legislation for anyone working in cybersecurity across the European Union. The latest updates to the...
Update to GLBA safeguards rule: What you need to know
Financial institutions are at the forefront of cybersecurity challenges due to the sensitive nature of the data they handle. As the frequency and sophistication of cyberattacks increase, so does the need for robust regulatory safeguards, requiring organizations to bolster...