The Singapore Personal Data Protection Act (PDPA) of 2012 establishes a general data protection law governing the collection, use, and disclosure of an individual’s information by an organization. With penalties that target the organization and the individual, PDPA strives to entrench the protection of personal data into the business culture of an organization. The foundation of any data...

Comply with Government Security (DCS) Classifications Policy The UK Government Security Classifications (GSC) policy requires that all UK government organizations classify their information assets into one of three types: OFFICIAL, SECRET and TOP SECRET. This simplified classification scheme replaces the previous Government Protective Marking Scheme (GPMS), making it easier for government staff,...

Solving for CUICore to the Controlled Unclassified Information (CUI) standards set by NARA (National Archives and Records Administration) are not only the 240 potential CUI markings, but rules on how to apply them, how they should be formatted, as well as display requirements.Additionally, these markings and metadata are meant to be control enablers, allowing other systems like attribute-based...

The Personal Information Protection and Electronic Documents Act (PIPEDA) became law in Canada in April 2000 and has been reviewed and updated every five years since.. The act was also intended to promote consumer trust in electronic commerce and also to reassure the European Union that Canadian privacy laws sufficiently protected the personal information of European citizens. PIPEDA applies to...

The CCPA bill, passed in 2018, encourages businesses and related entities to be transparent and requires these organizations to report breaches of personal data. The CCPA is more than just a data protection regulation, as it represents a core change in the approach organizations must take to ensure their data remains secure and requires the creation of a data protection strategy for their data. ...

The aerospace and defense organizations operate on a global scale and handle data that needs to be protected from competitors as well as foreign military and government organizations. Competitive secrets, disparate customer requirements, and government regulations surrounding the sharing of sensitive information are critical considerations in the aerospace and defense marketplace. The U.S....

Meet Compliance Requirements To Protect Controlled Unclassified InformationOriginally imposed in 2017, NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, requires all current U.S. Department of Defense contractors to be be compliant with DFARS Part 252.204-7012. Other executive branch agencies may also require...

Introduction After years of deliberation, the U.S. government’s National Archives and Records Administration (NARA) has released more details of its regulation for the protection framework of Controlled Unclassified Information (CUI). The rule is designed to safeguard government data that has not been assigned as confidential or secret, but which...