Incident Management

May 9, 2022 -

The Ultimate Guide to Thai PDPA Compliance

What is Thai PDPA Compliance? Thai PDPA compliance means data controllers and data processors that are covered by the

April 4, 2022 -

Java Framework ‘Spring4Shell’ Vulnerability Leads to Potential Exploit

Java Framework ‘Spring4Shell’ Vulnerability Leads to Potential Exploit  On March 30th, a new vulnerability was reported in Spring Beans,

March 18, 2022 -

IT Risk Indicators Missing from Your Third-Party Management Program

The focus of a business’s third-party risk management (TPRM) program may look very different from one business unit to

March 4, 2022 -

‘Strengthening American Cybersecurity Act’ Passage Aimed at Cyber Defense Amid Geopolitical Conflict

New Cybersecurity Bill Aimed at Critical Infrastructure Defense The United States Senate has passed a legislative package – The

February 28, 2022 -

How to Build a Proactive IT & Security Framework

Refining your IT & security risk management strategy is an ongoing requirement at any stage of program maturity. Recent

February 16, 2022 -

How Does Your Privacy Framework Support Better Security Oversight? 

Security is a key pillar of any privacy program – meaning holistic security and privacy compliance is crucial to business

February 14, 2022 -

Political Unrest Fuels Agency’s Call for Cyber Resilience 

An increase in cyber-related incidents across the European Union has spurred several regulatory agencies to raise awareness around cyber

February 11, 2022 -

Ransomware Risk Management: The PCI Security Standards Council & National Cybersecurity Alliance’s Ransomware Bulletin 

The PCI Security Standards Council (PCI SSC) and National Cybersecurity Alliance published a bulletin in response to the rise

February 11, 2022 -

The Ultimate Guide to LGPD Compliance

Introduction to the LGPD Compliance with the LGPD requires organizations to adhere to 65 articles that regulate the collection,

February 9, 2022 -

Trust & The CISO: The Role of Trust in the Evolution of IT & Security

Continual evolution is inevitable when it comes to the security landscape. In the modern IT & security sphere businesses

February 4, 2022 -

Buy-In Guide: Making the Case for TPRM Software 

OneTrust Vendorpedia™ is the largest and most widely used technology platform to operationalize third-party risk. The technology platform enables

January 27, 2022 -

The Importance of User-Driven Configuration for Flexible IT Risk Management and Privacy Compliance

Digital transformation is more than just the move from manual processes to the internet of things (IoT) technologies, it’s ongoing change management

January 25, 2022 -

The Shift to Third-Party Trust Management (TPTM): What is TPTM and Why does it Matter?

Traditionally, the corporate vendor ecosystem – the community of third parties and vendors that a company shares information with

January 24, 2022 -

How OneTrust Uses OneTrust for Data Privacy

Highlighting Data Privacy Week, we’re taking the opportunity to acknowledge privacy as the cornerstone of trust, recognizing that it’s

January 3, 2022 -

Preparing for the New Apple Account Deletion Requirement

On October 6, 2021, Apple introduced a new guideline for App Store submissions. The implications of these requirements will

December 30, 2021 -

A Year in Review: Key takeaways, Top Breaches & More 2021 Security Trends

2021 Top Breaches, Hacks, and Outages  From incidents in the oil and gas industry to successful ransomware defense in

December 20, 2021 -

The Future of TPRM: Third Party Risk Management Predictions for 2022

Third-Party Risk Management (TPRM) is the way that a company looks at vendor relationships and manages the risks that they

December 16, 2021 -

Build the Business Case: The Importance of Business Resilience and TPRM

Throughout the beginning of December, a major web service and retail provider (that now controls 33% of the cloud

December 14, 2021 -

Working With Vendors to Address the Apache Log4j 2 Library Vulnerability

There is a new critical vulnerability that impacts one of the most popular open-source Java logging libraries, Apache Log4j 2. The exploit has been identified as a

December 9, 2021 -

NIS2: An EU-Wide Cybersecurity Strengthening and Resilience Solution

On December 3, the Council of the European Union (EU), announced that it had agreed on its general approach to the text

December 2, 2021 -

The CECO & Vendor Risk Management: Top Challenges & Biggest Opportunities

Complex regulations are accelerating the need for organizations to realign their business practices from top-to-bottom. The consequences for non-compliance

November 22, 2021 -

New Final Rule Issuance: Computer-Security Incident Notification Requirements for Banking Organizations and Service Providers

The Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Board) and the Federal

November 1, 2021 -

Cyber Security Awareness Resource Hub

Welcome to the Cyber Security Awareness Resource Hub!  This page is your one-stop-shop for all things cyber security training

October 28, 2021 -

The CSO (Chief Sustainability Officer) & Vendor Risk Management: Top Challenges & Biggest Opportunities 

Maintaining a strong security posture is more important than ever, and that includes addressing all aspects of organizational cybersecurity from both

October 11, 2021 -

Put a Hold on Hacks: Fight the Phish and Other Common and Emerging Cyberthreats 

Cybersecurity teams are facing larger and more sophisticated cybersecurity threats than ever before. In the last year, there has

October 4, 2021 -

Trust Talks: Actioning Trust-Based Cybersecurity from Individual to Enterprise 

In the face of increased ransomware and overall security incidents, weaving the fabric of trust throughout your organization is

September 27, 2021 -

Ransomware Risk Management: NIST Cybersecurity Framework

The evolution of the cyberattack landscape is continuously evolving, and professionals across industries agree that 2020 and 2021 have been critical

September 23, 2021 -

Explore What’s Coming at TrustWeek 2021

TrustWeek is back online this year to bring together OneTrust customers, partners, and industry professionals to explore the latest technology innovations,

September 22, 2021 -

Quebec’s Bill 64 Adopted

On September 21, 2021, the Act to Modernize Legislative Provisions as Regards the Protection Of Personal Information (Bill 64)

September 17, 2021 -

Putting Your Incident Management Playbook Into Action: Part 1 – Prepare

Putting Your Incident Management Playbook Into Action: Part 1 – Prepare Security incidents and data breaches are quickly becoming

August 31, 2021 -

OneTrust Awareness Training: The Benefits and Latest Course Updates

The growing ubiquity of privacy laws globally has brought with it a greater general awareness of consumer rights and

August 24, 2021 -

Prove You Value Privacy with Consent and Preference Management 

Privacy, consent and preferences are key to all things data, and personal data appears across all aspects of a customer’s journey. From learning about

August 12, 2021 -

The Accenture Ransomware Attack: A Use Case for Effective Risk Mitigation

Targeted ransomware attacks have reached new heights, with a 62% global attack spike and a 158% increase in North American attacks alone. As ransomware

August 10, 2021 -

ITRM 101: Understanding the Impact of IT Risk on Your Organization

Defining ITRM IT Risk Management (ITRM) is a form of risk mitigation commonly used in information technology (IT). Per the ISACA Risk IT Framework, ITRM is

August 2, 2021 -

OneTrust Vendorpedia Third-Party Risk Exchange Now Provides Cyber Risk Scores on Thousands of Vendors

OneTrust is partnering with ISS Corporate Solutions (ICS) to enable new cyber risk scoring capabilities for all Third-Party Risk Exchange

July 27, 2021 -

Thai PDPA Compliance: How OneTrust Helps [Video]

Thai PDPA Compliance Deadline Thailand’s Personal Data Protection Act (PDPA) was published in the Royal Gazette on May 28,

July 19, 2021 -

Security, Compliance, and Privacy: Exploring the Critical Areas of Vendor Risk

In the wake of increased successful and high-profile attacks, ransomware incidents, and the newfound fragility of critical infrastructure systems, vendor risk management (VRM) is emerging as an undeniably

July 12, 2021 -

How To Automate Your DSAR Process with Discovery & Redaction

When your organization is asked to process a Data Subject Access Request (DSAR), you must respond as quickly as

June 30, 2021 -

The CPO & Vendor Risk Management: Top Challenges & Biggest Opportunities

As the privacy landscape continues to evolve, key focus areas of privacy program management are shifting. A product of

June 23, 2021 -

The CISO & Vendor Risk Management: Top Challenges & Biggest Opportunities

As security teams spent the last year adapting to rapid digital transformation, the quick expansion left them spread thin, exposing new vulnerabilities for bad actors

June 22, 2021 -

How Your Organization Can Use an Incident Management Playbook

The chances of your organization being the victim of a data breach is now up to 1 in 4.

June 3, 2021 -

New Wave of Ransomware Attacks Hits US Infrastructure 

A recent surge in ransomware attacks against critical infrastructure suggests a trend in cybercrime for the year. Groups of bad actors are targeting countries’ essential services (oil, food production, etc.) because

June 1, 2021 -

What is Third-Party Risk Management?

What is Third-Party Risk Management? Third-party risk management (TPRM) is a form of risk management that focuses on identifying

May 28, 2021 -

New DHS Pipeline Cybersecurity Requirements: What do they mean?

In the last year alone, the number of successful, large-scale cyber-attacks has astronomically increased (62% in the last year, to be

May 21, 2021 -

The Ultimate Guide to Privacy Management 

What is Privacy Management? Today, your business must maintain compliance with a bevy of local and international legislation aimed

May 14, 2021 -

President Biden’s Cybersecurity Executive Order: What will it mean for you?

On May 12, US President Joe Biden issued an executive order on cybersecurity seeking to improve the state of national cybersecurity

May 10, 2021 -

Privacy Rights Requests are on the Rise, are you Prepared?

Whether you are receiving hundreds a day or just a handful a month, fulfilling privacy rights requests (DSARs) is

April 16, 2021 -

Complete Guide to General Data Protection Regulation (GDPR) Compliance

What does it mean to be GDPR compliant? This page is regularly updated for accuracy and comprehensiveness. Last update:

April 2, 2021 -

Webinar Recap: How Data Discovery Enhances Your DSAR Workflow 

Organizations are looking to mature their privacy programs as the focus on privacy rights, and privacy regulations continue to increase.  Most are seeing the need to automate the privacy

March 12, 2021 -

Privacy Program Best Practices 

“Privacy means people know what they’re signing up for, in plain language, and repeatedly. I believe people are smart.

March 2, 2021 -

HIPAA Compliance: Building a Bridge to a Robust Privacy Program

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient information. This comprehensive law

February 23, 2021 -

Why Security Teams Need Data Discovery

In today’s increasingly data-driven world, organizations are characterized by the abundance of data and more importantly, the need to

November 2, 2020 -

What is OneTrust GRC? A LinkedIn Live Recap

  Each week OneTrust hosts industry experts to discuss the latest privacy, security, data governance, and compliance updates, trends, and developments in

October 14, 2020 -

TrustWeek 2020: Main Conference Day 1 Recap 

TrustWeek is officially in full swing and we’re bringing you the latest and greatest that OneTrust has to offer. TrustWeek is bigger than ever with over

October 13, 2020 -

TrustWeek News: OneTrust  Releases New Ethics & Compliance Software to Help Build an Ethical Culture in Your Organization

As part of a series of announcements during TrustWeek, OneTrust’s annual user conference, we are excited to introduce OneTrust

September 28, 2020 -

TrustWeek 2020 Agenda Released

For the first time, TrustWeek, OneTrust’s user conference will be free and virtual for privacy, security, and data governance

September 14, 2020 -

OneTrust Expands Brazil Operations to Support LGPD Compliance

With the LGPD effective date sometime within this month, and companies around the globe working to comply with Brazil’s

July 28, 2020 -

Data Governance in the Age of COVID-19

In just a matter of weeks, the COVID-19 pandemic has turned our entire world upside down. To stem the

July 20, 2020 -

OneTrust Opens New Certification Program Dates

We have just hit over 5,000 professionals who have attended one of our 10 OneTrust Certification Program courses, from Assessments to

June 2, 2020 -

CCPA Compliance for Small Businesses

The California Consumer Privacy Act (CCPA) establishes new data privacy rights for California consumers. Specifically, it requires companies conducting

April 20, 2020 -

Registration Now Open for the Brazil LGPD Master Class Series

Registration is now open for OneTrust’s LGPD Master Class Series! Brazil’s Lei Geral de Proteção de Dados do Brasil

April 15, 2020 -

Integrating Privacy & Cyber Security

For any company with an online presence, an ironclad cybersecurity program is a cornerstone to providing assurance to clients,

March 31, 2020 -

In the Know: OneTrust Updates for March 2020

Another month means another opportunity for OneTrust to take your privacy program to the next level. In this blog

March 17, 2020 -

OneTrust Launches Free Online Certifications and Virtual Health Checks to Strengthen Customer Community During Travel Restrictions

As COVID-19 travels across the globe, the daily lives of our customer community are impacted in many different ways.

February 12, 2020 -

The California Attorney General Releases Modified CCPA Proposed Regulations 

On February 10, 2020, California Attorney General (AG), Xavier Becerra, released a modified text of his proposed regulations for the

January 21, 2020 -

Announcing Open Registration for PrivacyConnect

OneTrust has just announced open registration for 150 free PrivacyConnect workshops in over 100 cities. With the new expanded

January 21, 2020 -

Cybersecurity Maturity Model Certification (CMMC), Escalating Security

Escalating Security Across Vendor Contracting CMMC for government contractors, A Shift from a Static Plan to a Dynamic Measure

January 16, 2020 -

Integrated Risk Management vs. GRC

Comparing two schools of thought, Integrated Risk Management vs GRC. Governance Risk and Compliance (GRC) is a well-established practice,

December 24, 2019 -

CCPA Compliance: Your Most Frequent CCPA Questions Answered

The CCPA is only days away from taking effect, but don’t panic. OneTrust has all the resources you need

November 20, 2019 -

Adding Context to Your Integrated Risk Management Program

Integrated Risk Management, Contextualizing Data with an Intelligent Platform for Added Value to Your Everyday Business Functions. In the

November 14, 2019 -

PrivacyTech 2020 Global User Conference: Dates Announced

Registration for PrivacyTech 2020 is now open! PrivacyTech is a global annual user conference driving innovation with privacy, security and third-party risk technology. As the only

October 17, 2019 -

Analyzing Your Privacy Program with Dashboards

As a privacy professional, you know that all the data that you collect needs a proper view for not

August 27, 2019 -

ISO 27701 New Privacy Standard: How OneTrust Got Certified & How You Can Too

Just a few days after the new privacy certification was launched, OneTrust announced that we received the world’s-first ISO 27701 certification for a Privacy

August 22, 2019 -

OneTrust Launches Back to School Series

Grab your laptop and your thinking caps because we’re going back to school! The new OneTrust Back to School

August 6, 2019 -

Last Week In Privacy- August 6, 2019

Welcome to Last Week in Privacy! Each week, OneTrust’s in-house privacy experts will give you the top international privacy

July 30, 2019 -

How OneTrust Helps with the CCPA

The California Consumer Privacy Act (CCPA) is rapidly approaching. With the law set to take effect in January of 2020, many organizations are looking for

July 23, 2019 -

Register for PrivacyConnect: 125+ CCPA and GDPR Workshops Added across 100+ Cities

We’re finishing up PrivacyConnect 2019 strong and today added registration 125+ free, local PrivacyConnect workshops in 100+ cities across the globe!  PrivacyConnect workshops and

July 22, 2019 -

What Teams Should Be Part of Your Internal CCPA Team

The California Consumer Privacy Act (CCPA) is the first privacy law of its kind to pass in the United States – transforming

July 11, 2019 -

OneTrust Raises $200 Million Series A | Valued at $1.3 Billion

Today is a monumental day for the OneTrust team and privacy industry at large. We are excited to announce

July 1, 2019 -

Your Data Map’s Missing Piece: Why Third-Party Risk Management is Indispensable

In its simplest form, a data map tells you what data you have, how it’s used, where it goes,

May 30, 2019 -

OneTrust Welcomes 350+ Privacy and Security Professionals to Atlanta for PrivacyTech Americas

OneTrust welcomed 350+ privacy and security professionals to Atlanta for PrivacyTech Americas last week. It was a jam-packed two

May 21, 2019 -

OneTrust PrivacyTech Americas 2019 Kickoff!

Today OneTrust is kicking off PrivacyTech 2019 at our Americas event in Atlanta – the first of our two

March 19, 2019 -

Last Week in Privacy – March 19, 2019

Welcome to “Last Week in Privacy!” Each week, OneTrust’s in-house privacy experts will give you the top international privacy

March 14, 2019 -

5 Simple Steps to CCPA Readiness

The California Consumer Privacy Act (CCPA) isn’t set to take effect until January 1, 2020, and with an expected

March 13, 2019 -

OneTrust anunță achiziționarea DataGuidance, un instrument care integrează sute de legi privind confidențialitatea în software-ul său de management al confidențialității

OneTrust anunță achiziționarea DataGuidance, un instrument care integrează sute de legi privind confidențialitatea în software-ul său de management al

March 13, 2019 -

Společnost OneTrust zakoupila firmu DataGuidance. Do své technologie tak zakomponovala stovky zákonů na ochranu osobních údajů

Společnost OneTrust zakoupila firmu DataGuidance. Do své technologie tak zakomponovala stovky zákonů na ochranu osobních údajů Nová platforma obohacuje

March 11, 2019 -

OneTrust neemt DataGuidance over en intregreert honderden privacywetten in het OneTrust softwareplatform voor privacybeheer

OneTrust neemt DataGuidance over en intregreert honderden privacywetten in het OneTrust softwareplatform voor privacybeheer Het geïntegreerde platform combineert het

March 7, 2019 -

OneTrust Continues Reign as Most Awarded Privacy Management Technology

OneTrust added four new trophies to the shelves at RSA Conference 2019: the SC Award for Best Regulatory Compliance

February 21, 2019 -

OneTrust Ranked in Fast Company’s World’s Most Innovative Companies for 2019, announces major growth from 2018

OneTrust is ranked in Fast Company’s world’s most innovative companies for 2019! Each year, Fast Company assesses thousands of

February 19, 2019 -

Drive Innovation with Privacy Technology at PrivacyTech 2019 Americas and Europe

Registration is now open for PrivacyTech, OneTrust’s annual global user conference for driving innovation with privacy technology! PrivacyTech Americas in

February 11, 2019 -

Incident & Breach Management – How Can Software Help?

Incident and Breach Response is an important privacy and security tool for compliance in relation to the protection of

January 17, 2019 -

Enable your Privacy and Security Teams to Work Together with OneTrust for ServiceNow

OneTrust is excited to announce that we have partnered with ServiceNow, a cloud-based platform with solutions that deliver digital

January 14, 2019 -

PrivacyConnect CCPA and GDPR Workshops Coming to 80+ Global Cities in 2019

Registration is now open for OneTrust’s PrivacyConnect 2019! With revamped content focused on the privacy and security challenges managing

December 20, 2018 -

OneTrust Takes Home Multiple TAG Product Management Awards

OneTrust won big at the 2018 Technology Association of Georgia (TAG) Product Management Awards with two award wins and

November 27, 2018 -

Manage Data Breach Response Efforts Across the Globe with OneTrust’s Incident Management Solution

As personal data-related incidents become more common and breach notification requirements vary across regions, privacy and security teams need a

November 14, 2018 -

Last Week In Privacy- November 14, 2018

Welcome to “Last Week in Privacy!” Each week, OneTrust’s in-house privacy experts will give you the top international privacy

November 1, 2018 -

Canada’s New Data Breach Reporting Law Takes Effect Today

Companies subject to the Personal Information Protection and Electronic Documents Act (the “PIPEDA“) will now need to satisfy the reporting and

October 8, 2018 -

Kicking off PrivacyTECH 2018 with OneTrust 4.0, CSA Partnership and More #PrivacyTECH18

Today kicks off our first ever user conference, OneTrust PrivacyTech! We are bringing together nearly 300 privacy professionals from

October 1, 2018 -

Canada’s New Breach Reporting Guidance: Open for Comments

The Office of the Privacy Commissioner of Canada (the “OPC”) is seeking public comment on its new guidance (the “Guidance”) intended

July 10, 2018 -

PrivacyConnect Global GDPR Workshops Coming to 55 New Cities in 2018

PrivacyConnect Global GDPR Workshops Coming to 55 New Cities in 2018 Today OneTrust opened registration for the rest of

July 5, 2018 -

OneTrust Wins the Technology Association of Georgia’s SSA Spotlight Award

OneTrust took home the Technology Association of Georgia’s (TAG) Spotlight Award last week at the 2018 Southeastern Software Association

April 25, 2018 -

OneTrust Wins Risk Management Software of the Year at the 2018 FStech Awards

OneTrust Wins Risk Management Software of the Year at the 2018 FStech Awards OneTrust’s Vishal Arjan, CIPP/E (center) accepting

January 23, 2018 -

OneTrust Global GDPR Workshops coming to 40+ cities in first half of 2018

OneTrust Global GDPR Workshops coming to 40+ cities in first half of 2018 Today, OneTrust opened registration for the first half

November 9, 2017 -

WP29 Guidelines Review: How DPAs Will Apply Administrative Fines Under the GDPR

WP29 Guidelines Review: How DPAs Will Apply Administrative Fines Under the GDPR The GDPR grants extensive enforcement powers to

October 18, 2017 -

WP29 Publishes New Guidelines on Personal Data Breach Notification Under the GDPR

WP29 Publishes New Guidelines on Personal Data Breach Notification Under the GDPR The GDPR expands the range of obligations

October 13, 2017 -

The CNIL Issues New Guidance For Processors

The CNIL Issues New Guidance For Processors In a significant change from the Directive, the GDPR imposes direct legal

September 12, 2017 -

OneTrust | IAPP Webinar – Operationalizing GDPR and Privacy by Design

OneTrust | IAPP Webinar – Operationalizing GDPR and Privacy by Design Join us for a free IAPP webinar, brought

September 1, 2017 -

Supreme Court of India Declares Privacy a Fundamental Right

Supreme Court of India Declares Privacy a Fundamental Right Last week, India’s Supreme Court unanimously ruled that individual privacy

August 10, 2017 -

CNIL Publishes Guidance on Incident Management and Notification

CNIL Publishes Guidance on Incident Management and Notification The French data protection authority (“the CNIL”) has published guidance on

August 9, 2017 -

UK Government Publishes Statement of Intent for New Data Protection Bill

On Monday, the UK Department for Digital, Culture Media and Sport (DCMS) published a statement of intent for a

April 19, 2017 -

OneTrust Joins RSA® Ready Technology Partner Program to Offer Organizations Globally a Streamlined Privacy Management Solution 

OneTrust Joins RSA® Ready Technology Partner Program to Offer Organizations Globally a Streamlined Privacy Management Solution OneTrustis excited to be

December 14, 2016 -

Draft of the EU ePrivacy Regulation Leaked

Draft of the EU ePrivacy Regulation Leaked A draft of the proposed legislation to replace the outdated EU ePrivacy

Onetrust All Rights Reserved