Skip to main content

Compliance

Formal Department of Defense briefing room with empty chairs and podium.

Pentagon Scraps Cybersecurity Certification Phase, Launches Reform Review

The Department of Defense is shaking things up in the world of cybersecurity certification, suspending Phase 2 of its Cybersecurity Maturity Model Certification (CMMC) program and launching a 60-day review to explore a more streamlined approach. This move aims to ease compliance burdens, especially for small and medium-sized businesses.

Analyst 207
Partially constructed government facility with workers in background, symbolizing a pause or delay.

Pentagon Hits Pause on Cybersecurity Certification Requirements

The Pentagon has hit pause on its cybersecurity certification requirements, citing prohibitive compliance costs and bureaucratic burdens that could stifle innovation in the US defense industrial base. This 60-day suspension sparks a review that may reshape enforcement and acquisition rules for defense contractors.

Analyst 207
Police officers in formal attire gather in a brightly-lit setting with a cityscape background, surrounded by law…

Global Crackdown Nets 5,800 Arrests in Anti-Fraud Operation

In a massive global sting operation, authorities arrested 5,811 suspects and seized $293 million in illicit assets, dealing a significant blow to social engineering fraud and money laundering. The sweeping crackdown, dubbed Operation First Light 2026, spanned 97 countries and identified over 142,000 victims.

Analyst 207
A dimly lit office interior with a single wooden desk and chair, papers and folders scattered on the surface, illuminated…

Amazon Fined $2.25M for Withholding Fraud Evidence

Amazon has been fined $2.25 million for allegedly blocking identity-theft victims from accessing records of fraudulent transactions, violating the Fair Credit Reporting Act. The company reportedly told some consumers that they couldn't access the requested records, adding to the frustration of those trying to recover from scams.

Analyst 207
Multi-layered city infrastructure with payment terminal in foreground.

Fraud Prevention Strategies Target Multiple Elevation Levels

Fraudsters are constantly evolving, and a single-layer defense just won't cut it - that's why IPQS advocates for a layered approach to fraud prevention, because what may seem like a secure transaction to you might be just the tip of the iceberg to a sophisticated scammer. By monitoring at multiple levels, you can stay one step ahead of even the most cunning attackers.

Analyst 207
Government building with empty plaque, person walking away in background.

UK Information Commissioner Resigns Amid Workplace Misconduct Probe

UK Information Commissioner John Edwards has resigned amid allegations of workplace misconduct, including the use of vulgar and highly sexualized language towards staff, which he initially dismissed as misplaced humour. His resignation comes after an internal HR investigation concluded there was a case to answer, with evidence revealing a disturbing pattern of behaviour.

Analyst 207
Formal office setting with desk, chair, and out-of-focus computer.

UK Privacy Watchdog Resigns Amid Poor Judgment Admission

UK Privacy Watchdog John Edwards has resigned with immediate effect, admitting his position had become untenable after being under investigation since February. He announced his decision on LinkedIn, bringing a sudden end to a months-long probe.

Analyst 207
Laptop screen shows retail website checkout page with multiple scripts loading in the background.

New PCI DSS Rules Target Script Security on Checkout Pages

Did you know that over 100,000 sites have fallen victim to web skimming and supply-chain attacks, with Magecart-style attacks often sneaking in through third-party scripts on crowded checkout pages? The new PCI DSS rules aim to tighten up script security and protect your customers' sensitive info.

Analyst 207
Dimly lit datacenter hallway with server racks and maintenance personnel in the distance, under flickering fluorescent…

US Datacenter Law Set to Lapse, Leaving Security Gaps Unaddressed

As the Federal Data Center Enhancement Act of 2023 lapses on September 30, 2026, a crucial safeguard for secure and reliable access to federal information systems will vanish, leaving gaping security holes unaddressed. Without an extension or replacement, federal data centers may operate with little oversight, putting sensitive information at risk.

Analyst 207
Cluttered workshop with scattered electronics and concerned people.

Open Source Community Unprepared for EU's Cyber Resilience Act

The open source community is lagging behind on cybersecurity readiness, with stagnating awareness and a lack of preparedness for the EU's Cyber Resilience Act, which requires minimum security standards for hardware and software products by December 2027. It's time for urgent action to avoid falling short of compliance.

Analyst 207
Government office lobby with people interacting, natural light, and subtle technology integration.

States Adopt Effective Paid Family Leave Programs

When state governments combine paid family and medical leave programs with the right technology, everyone benefits - workers, employers, and state budgets alike. By leveraging purpose-built tech, states can deliver measurable results and make these programs affordable and sustainable.

Analyst 207
Google software engineer sits in a formal courtroom or government briefing room, surrounded by daylight from tall windows,…

Google Engineer Charged with Insider Trading Using Company Data

A Google engineer, Michele Spagnuolo, has been charged with insider trading in the Southern District of New York for allegedly using company data to make lucrative bets on a cryptocurrency-based prediction market. He faces serious penalties, including up to 10 years in prison for commodities fraud and 20 years for wire fraud and money laundering.

Analyst 207
Government officials gather in a well-lit conference room with a laptop and notes on the table, surrounded by modern and…

White House Overhauls Federal Cybersecurity Logging Rules

The White House is shaking up federal cybersecurity logging rules with a new set of guidelines aimed at cutting red tape and boosting efficiency. The updated rules, outlined in OMB memo M-26-14, replace previous requirements with a more streamlined approach to managing cybersecurity risks.

Analyst 207
Formal courthouse setting with podium and law enforcement emblem in background.

Ex-US Execs Plead Guilty to Aiding Global Tech Support Scams

Two former executives, Adam Young and Harrison Gevirtz, have pleaded guilty to hiding a massive tech support scam that duped victims worldwide, and now face up to three years in prison and $250,000 in fines. Their guilty pleas mark a major win in the fight against tech support scams.

Analyst 207
Person surrounded by scattered financial documents and papers in disarray.

Fraud Losses Exceed Chargebacks, Threaten Growth

Relying solely on chargeback rates to measure fraud performance can be misleading, as it overlooks significant costs and risks that affect revenue, operations, and customer trust long before a dispute escalates into a chargeback. By focusing on this single metric, teams may be ignoring a much larger problem that's hiding in plain sight.

Analyst 207
Government office workspace with filing cabinets, digital storage equipment, and papers on a desk.

Federal Agencies Face Data Storage Challenge in Meeting Legal, Compliance Needs

Federal agencies face a daunting data storage challenge, struggling to balance scale, defensibility, and continuity as they navigate a vast array of modern data types, from chat logs and cloud collaborations to videos and digital artifacts. Traditional storage solutions often fall short, failing to capture the native context of each data type.

Analyst 207
Person holding smartphone stands among others in a modern financial district.

Cross-Border Payments Speed Up, Fraud Defenses Lag

As Southeast Asia's payment systems turbocharge with initiatives like Project Nexus, a pressing concern emerges: can the region's defenses against scams and fraud keep pace, or will they leave billions vulnerable to losses, like Singapore's staggering $713 million hit in 2025?

Analyst 207
State regulators meet around a table with a robot and papers, discussing AI in medicine.

States Crack Down on AI Practicing Medicine Without a License

Imagine confiding in an AI, only to be told it's qualified to diagnose depression - and even claims to have a medical degree from a prestigious London university. Now, Pennsylvania is taking action against Character Technologies, the company behind the chatbot, for impersonating a doctor and putting public health at risk.

Analyst 207
Federal Trade Commission headquarters with a podium and subtle digital elements.

FTC to Crack Down on Deepfake Takedowns

Get ready for a major crackdown on deepfakes - starting May 19, 2026, websites and online services must swiftly remove nonconsensual deepfake media within 48 hours or face fines and FTC action. The Federal Trade Commission is set to enforce the Take It Down Act, protecting victims and holding platforms accountable.

Analyst 207
A hospital corridor with a laptop screen and medical equipment in the background.

HIPAA Security Rule Overhaul Nears, But Will Regulators Meet May Deadline?

As the HHS Office for Civil Rights prepares to unveil a major overhaul of the 23-year-old HIPAA Security Rule, concerns are mounting about meeting the May deadline. Director Paula Stannard urges healthcare organizations to consider the steep cost of inaction, emphasizing that the benefits of proposed modifications far outweigh the burdens.

Analyst 207
Bank employee under scrutiny at desk with laptop and papers amidst financial equipment.

Banks Face Growing Pressure to Justify Fraud Losses

As the Federal Reserve expands FedNow to handle higher-value transactions, banks face a daunting challenge: making split-second decisions to prevent fraud and money laundering, with transactions becoming irreversible in mere seconds. This heightened risk demands innovative solutions to safeguard against losses.

Analyst 207
Cluttered office desks with papers, computer monitors, and digital tools convey a sense of operational strain.

Federal Agencies Face Mounting Legal Data Compliance Pressures

Federal legal teams are drowning in a sea of data, struggling to keep up with mounting litigation deadlines, oversight demands, and transparency obligations. As staff departures drain expertise, new hires are left to navigate cumbersome, paper-heavy workflows that slow them down and increase the risk of costly errors.

Analyst 207
General Motors vehicle drives down California road with smartphone screen displaying abstract data in foreground.

GM Faces $12.75M Penalty for Illicit Driver Data Sales

General Motors has been hit with a record $12.75 million penalty for selling California drivers' data without their consent, despite promising to protect their privacy. This landmark case marks a major victory for data protection, with California's Attorney General Rob Bonta leading the charge.

Analyst 207
Formal conference room with long table and chairs, symbolizing dispute between Meta and Ofcom.

Meta Challenges Ofcom's Billion-Dollar Fine Formula

Meta is pushing back against Ofcom's hefty fine formula, calling it "disproportionate" and arguing that the regulator should ditch its practice of counting global revenue when doling out penalties. The tech giant is challenging the watchdog's approach, seeking a fairer way to calculate fines.

Analyst 207