Receive articles and resources from the information risk management experts at FoxPointe.
Now that you have stood up processes for onboarding 3rd parties it is time to consider the same for 4th parties What Another vendor group I have to worry about Have you thought about 4th parties These entities are the vendors of your vendors Just as your Information Security function...
You may have read recently that the number of instances of ransomware has declined While the overall count of malicious and damaging infections may be waning the impact of an attack is certainly not Case in point the BlackCat attack on Change Healthcare The attack on February 21st has had...
Your organization and its risk management leaders face disturbances on multiple levels every day encompassing cybersecurity privacy regulatory management and focused and widespread malicious actions and actors technological weaknesses organizational apathy human errors etc nbsp Preparation assessment and pragmatic execution of the needed controls are vital to address these disruptions...
After a multiyear process of proposals and assessment of public comments the New York State Department of Financial Services NYSDFS has made significant amendments to its Cybersecurity Regulation 23 NYCRR Part 500 nbsp The rule is final and effective as of November 1 2023 nbsp Let s take a comprehensive...
Days before the new Securities and Exchange Commission SEC cybersecurity disclosure rules went into effect which FoxPointe previously discussed here Erik Gerding Director of Corporation Finance of the SEC issued a statement offering some thoughts rationale and perspective on the rules in an attempt to highlight the significant parts of...
This article was written by Brendan Horton Security Analyst Cloud security encompasses the policies technologies and practices designed to protect cloud based resources including data applications and infrastructure from a wide range of cyber threats nbsp Cloud computing has become the technology of choice for organizations wanting scalability and flexibility...
Every October since 2004 marks National Cybersecurity Awareness Month This month raises awareness about the importance of cybersecurity and how to protect yourself from cybercrime Use multi factor authentication wherever possible Traditional authentication requires an ID and password multi factor requires an additional layer of protection such as entering a...
In today 8217 s rapidly evolving digital landscape the protection of sensitive information and the preservation of digital assets have become paramount as has a full and accurate understanding of the controls in place nbsp As organizations navigate the intricate realm of cybersecurity the role of a Chief Information Security...
Today s organizations face numerous cybersecurity challenges and one of the most insidious threats is social engineering nbsp Cybersecurity is often associated with technical vulnerabilities and sophisticated defenses however social engineering leverages human reactions and psychology to gather information and perform attacks nbsp This article aims to shed light on...
The FTC Safeguards Rule requires covered companies to develop implement and maintain an information security program with over 20 implemented documented and risk assessed administrative technical and physical safeguards designed to protect customer information Are your clients up on what the revised Rule requires Are they ready to be compliant...