If your company, vendors, or business partners have operational dependencies in China, your data security is now at an all-time high risk.
This law mandates US companies, including those processing personal data outside of the borders of the PRC, to locally store all personal information collected and produced.
A security review by state authorities is subsequently required for the cross-border transfer of personal information.
Article 35 empowers public and national security officials to obtain data for safeguarding national security or investigating crimes in accordance with PRC law.
Article 38 requires non-PRC companies to comply with administrative regulations managing the cross-border provision of PRC personal information and agree to a PRC Government formulated contract on handling the data.
I spent fifteen years as the Chief Security Officer of a global, publicly traded bank, with a joint venture Bank in China.
Small business disputes can result in your executives not being allowed to leave China.
Data stored within China is subject to Chinese law, and there are restrictions on transferring certain types of data overseas.
The time is now to determine whether your data location storage strategy makes sense considering increasing risks of government intervention and theft.
Encrypt sensitive data before transferring it over public networks.
The ability to recover your data, in a time aligning with your Business Impact Assessment's Recovery Time Objectives and Recovery Point Objectives, is key.
Implement advanced threat detection systems and establish a security operations center if possible.
Ensure your staff understands the importance of data security and knows how to protect sensitive information.
The National Association of Corporate Directors publishes a technology risk guidance report, use that to educate yourself and your board.
CISA's recent Volt Typhoon warning is just one example of increasing cybersecurity risks we face both domestically, and abroad. We have all heard it before, if you fail to plan, you plan to fail.
Navigating this increasingly treacherous risk is like navigating your ship through a typhoon.
Monitoring the ever-changing cybersecurity risk landscape is table stakes for business today.
Use these news alerts, FBI guidance and ten cybersecurity questions to make more informed and risk aware decisions for your organization.
He founded vCSO.ai, a cybersecurity and data privacy Advisory and Consulting firm helping companies enhance their risk strategies and product companies improve their go-to-market storytelling and channel development.
He is the former Chief Security Officer at Silicon Valley Bank, the bank of the innovation economy.
This Cyber News was published on www.cyberdefensemagazine.com. Publication date: Tue, 16 Apr 2024 19:28:07 +0000