Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
The Federal Trade Commission (FTC) has announced that the effective date for the new substantive information security requirements in the revised Safeguards Rule has been extended from December 9, 2022 to June 9, 2023....
Auto dealerships that provide financing are subject to the Gramm-Leach-Bliley Act (GLBA). That’s the old news. What’s new is that GLBA-covered businesses have until December 9 to implement significant changes to their...
The Federal Trade Commission’s revised Safeguards Rule, which enumerates specific cybersecurity standards and procedures, will impose many new obligations on companies that are covered as “financial institutions” under the...
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...
The National Association of Insurance Commissioners’ (NAIC) model cybersecurity law will take center stage later this week at the group’s annual meeting in Denver. In its third draft, the Insurance Data Security Model...
The New York Department of Financial Services has proposed new cybersecurity regulations “designed to promote the protection of customer information as well as the information technology systems of regulated entities...
How will examiners review the information security programs of financial institutions? Revised guidance from the Federal Financial Institutions Examination Council (FFIEC) provides help to banks by articulating the...
If the New York State Department of Financial Services (“DFS”) has its way, come January 1, 2017, financial services companies that require a form of authorization to operate under the banking, insurance, or financial...
The Federal Financial Institutions Examination Council (FFIEC) reiterated the importance of banks protecting themselves from cyber attacks in a newly issued statement, urging financial institutions to "actively manage the...
The Office of the Inspector General (OIG) has released the “2015 list of major management challenges” faced by the CFPB that the OIG believes will hamper the CFPB’s ability to accomplish the CFPB’s strategic objectives. Like...
Recently, the Mortgage Bankers Association released “The Basic Components of an Information Security Program,” for small and medium-sized companies in the mortgage industry that may not have the resources to stay well-informed...
NFA links NFA’s supervisory requirements with its proposed requirements mandating that NFA Members have information systems security programs. The National Futures Association (NFA) has proposed cybersecurity...
Managed security services are often a natural “add-on” when outsourcing IT services given that data protection is integral to application development, software as a service, and cloud storage, among other services. More...
It’s a familiar pattern. First, new risks inspire legislation and regulations that impose new penalties. Next, insurers and policyholders fight over whether the new liabilities are covered under traditional liability...