Receive articles and resources from the information risk management experts at FoxPointe.
The Department of Homeland Security 8217 s Cybersecurity and Infrastructure Security Agency CISA recently released a Notice of Proposed Rule Making NPRM detailing the Cyber Incident Reporting for Critical Infrastructure Act CIRCIA This proposal mandates that companies report cybersecurity incidents and ransomware payments within strict timelines Public comments on the...
The FTC Safeguards Rule requires covered companies to develop implement and maintain an information security program with over 20 implemented documented and risk assessed administrative technical and physical safeguards designed to protect customer information Are your clients up on what the revised Rule requires Are they ready to be compliant...
New York State Department of Financial Services NYSDFS has proposed several changes to the existing 23 NYCRR Part 500 Cybersecurity Requirements for Financial Services Companies the Cybersecurity Regulation or Part 500 They include items such as Classification of Class A companies which are those with over 2 000 employees or...
This blog was written and produced by Nick Cozzolino CISSP Director of Information Security at The Bonadio Group FoxPointe Solutions is The Bonadio Group 8217 s dedicated cybersecurity division Looking to get in touch with Nick Reach out today Nick Cozzolino ncozzolino bonadio com Data is the new oil We...
Since the regulation came into effect in March 2019 the New York State Department of Financial Services DFS continues to strengthen the way that it enforces the Cybersecurity Regulation 23 NYCRR Part 500 With 23 distinct sections of the regulation DFS requires a comprehensive cybersecurity program for Covered Entities including...
On April 2 2021 it was confirmed that a malicious user published the phone numbers and personal data of hundreds of millions of Facebook users for free online The information spanning from users across the globe includes phone numbers user IDs full names locations birthdates and some email addresses A...
An updated cybersecurity law that the IT organization along with other college university departments will need to continue to integrate into its compliance programs policies and controls is the recent changes to New York s General Business Law 899 aa and 899 bb aka SHIELD Act The compliance actions supporting...
This post originally appeared on Security Magazine Ensuring the confidentiality integrity and availability of information must be at the forefront of any business in today s environment While many think they are up to this task there s a lot that goes into protecting data Cyberattacks and data security breaches...