Security news aggregator

Latest coverage for Fine

Stay informed on the latest in information security trends, breaches, and best practices with our expertly curated content on cyber safety.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A fine is a monetary penalty imposed by a competent authority or court for violating a law, regulation, or legally binding requirement. In information security and privacy, it may follow inadequate safeguards for personal data, unlawful processing, failure to meet required reporting or record-keeping duties, or non-compliance with sector-specific controls. The legal basis, maximum amount, and factors such as severity, duration, negligence, cooperation, and remediation vary by jurisdiction; a fine is generally punitive rather than compensation for affected parties.

For security practitioners, a fine signals that controls and security decisions may be examined as evidence of compliance. Maintain documented risk assessments, access reviews, patching decisions, supplier oversight, logging, and retention practices, especially where they protect regulated data. During an incident, preserve relevant records and establish an accurate timeline for containment, notification, and remediation. Privacy requirements such as data minimization and retention limits can therefore be security controls as well as legal obligations. A fine does not by itself establish that a particular attack or breach occurred.

Showing 3 most recent headlines Filtered view

The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year

Plus: Unpatched DNS bug puts IoT devices at risk, SolarWinds hackers set up new digs, and a CEO faces hard time for massive mining fraud In Brief Colonial Pipeline is facing an almost $1 million fine for control room management failures after the US Department of Transportation alleged they contributed to the nation's fuel disruption in the wake of the 2021 ransomware attack.…