Receive articles and resources from the information risk management experts at FoxPointe.
The Department of Homeland Security 8217 s Cybersecurity and Infrastructure Security Agency CISA recently released a Notice of Proposed Rule Making NPRM detailing the Cyber Incident Reporting for Critical Infrastructure Act CIRCIA This proposal mandates that companies report cybersecurity incidents and ransomware payments within strict timelines Public comments on the...
Is your Credit Union in the know about the recent cybersecurity requirements mandated by the New York State Department of Financial Services DFS that may affect operations DFS has made significant amendments to its Cybersecurity Regulation 23 NYCRR Part 500 The rule is final and effective as of November 1...
Now that you have stood up processes for onboarding 3rd parties it is time to consider the same for 4th parties What Another vendor group I have to worry about Have you thought about 4th parties These entities are the vendors of your vendors Just as your Information Security function...
This article was written by Emily Mosack In today s digital landscape where cybersecurity threats are constantly evolving organizations face the challenge of staying ahead of malicious actors while managing limited resources and expertise One solution gaining momentum is outsourcing cybersecurity functions to specialized external providers What is outsourcing The...
You may have read recently that the number of instances of ransomware has declined While the overall count of malicious and damaging infections may be waning the impact of an attack is certainly not Case in point the BlackCat attack on Change Healthcare The attack on February 21st has had...
Your organization and its risk management leaders face disturbances on multiple levels every day encompassing cybersecurity privacy regulatory management and focused and widespread malicious actions and actors technological weaknesses organizational apathy human errors etc nbsp Preparation assessment and pragmatic execution of the needed controls are vital to address these disruptions...
This article was written by nbsp Heather Brownson Recently the NYS Office for People with Developmental Disabilities OPWDD has been placing a stronger focus on Incident Management primarily surrounding timely completion of investigations of reportable incidents The following is a high level overview of OPWDD s Part 624 Regulations OPWDD...
This article was written by James Farr Senior Security Consultant Privacy vs Security Privacy and security often work hand in hand to support each other but each has its own distinct role nbsp Data privacy includes policies and procedures that define how information is gathered stored accessed and destroyed nbsp...
This article was written by Ryan Bigelow Director at FoxPointe Solutions The Payment Card Industry Security Standards Council PCI SSC has released version 4 of the Data Security Standard DSS This is the first major update to the standard since PCI DSS v3 0 was issued in November 2013 With...
After a multiyear process of proposals and assessment of public comments the New York State Department of Financial Services NYSDFS has made significant amendments to its Cybersecurity Regulation 23 NYCRR Part 500 nbsp The rule is final and effective as of November 1 2023 nbsp Let s take a comprehensive...