Upcoming Webinar: Strengthening Compliance in Long-Term Care- A Practical Compliance & HIPAA Guide for Nursing Homes. Learn More.
Upcoming Webinar: Strengthening Compliance in Long-Term Care- A Practical Compliance & HIPAA Guide for Nursing Homes. Learn More.
Receive articles and resources from the information risk management experts at FoxPointe.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recently released a Notice of Proposed Rule Making (NPRM) detailing the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). This proposal mandates that companies report cybersecurity incidents and ransomware payments within strict timelines. Public comments on the NPRM are...
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted rules regarding Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies. The SEC has developed these rules to require registrants to disclose all material cybersecurity incidents on the new Item 1.05 of Form 8-K. Additionally, the...
The FTC Safeguards Rule requires covered companies to develop, implement, and maintain an information security program with over 20 implemented, documented and risk assessed administrative, technical, and physical safeguards designed to protect customer information. Are your clients up on what the revised Rule requires? Are they ready to be compliant...
New York State Department of Financial Services (NYSDFS) has proposed several changes to the existing 23 NYCRR Part 500 – Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). They include items such as: Classification of “Class A” companies, which are those with over 2,000 employees or...
“Data is the new oil.” We have heard that frequently over the years. It’s usually in the context of being a business driver. That is still true, however, it is also lurative for those who want to hijack your data via ransomware. In the early days of ransomware, it would...
Cybersecurity Regulations Since the regulation came into effect in March 2019, the New York State Department of Financial Services (DFS) continues to strengthen the way that it enforces the Cybersecurity Regulation 23 NYCRR Part 500. With 23 distinct sections of the regulation, DFS requires a comprehensive cybersecurity program for “Covered...
On April 2, 2021, it was confirmed that a malicious user published the phone numbers and personal data of hundreds of millions of Facebook users for free online. The information, spanning from users across the globe, includes phone numbers, user IDs, full names, locations, birthdates, and some email addresses. A...
An updated cybersecurity law that the IT organization (along with other college/university departments) will need to continue to integrate into its compliance programs, policies, and controls is the recent changes to New York’s General Business Law 899-aa and 899-bb (aka SHIELD Act). The compliance actions supporting this law have already...
This post originally appeared on Security Magazine. Ensuring the confidentiality, integrity, and availability of information must be at the forefront of any business in today’s environment. While many think they are up to this task, there’s a lot that goes into protecting data. Cyberattacks and data security breaches are at...
Windows Update Microsoft is currently urging Windows 10 users to update their systems to address severe vulnerabilities. Despite the warning, many Windows users will undoubtedly be infected by malware exploiting these weaknesses in the system. Here are four things all Windows users need to know about this imperative update. The...
