by Jeremy Sporn | Mar 16, 2018 | ISMS Consulting
“Covered Entities” that have not yet submitted a certification of compliance for the New York Department of Financial Services’ NYDFS 500 Cybersecurity Regulation (also known as 23 NYCRR 500) received a none-too-gentle “reminder” earlier this month that they need to...
by Jeremy Sporn | Feb 15, 2018 | ISMS Consulting
We are often asked, “What is the best first step to move towards GDPR compliance for US-based organizations?”. The answer: Privacy Shield. How Does GDPR Affect US Companies? US companies have no legal ground to stand on for GDPR compliance. Privacy laws...
by Jeremy Sporn | Jan 30, 2018 | ISO 27001 Certification
On the path to ISO 27001 certification, one of the most important guideposts is the Information Security Policy document. Many of the organizations we work with already have a “policy” document in some form—but often there’s a disconnect between what that document...
by Jeremy Sporn | Jan 9, 2018 | ISMS Consulting
The SaaS model depends on trust. As a SaaS provider, are potential customers confident they can trust you with their data? Despite massive and growing investments in cloud applications and services, a recent McAfee study on the state of cloud adoption and security...
by Jeremy Sporn | Dec 21, 2017 | ISMS Consulting, Third Party Risk Management
The Importance of Cybersecurity for Legal Entities The American Bar Association (ABA) clearly appreciates cybersecurity as a major concern for law firms and legal entities, and views issues around third-party risk management (TPRM) as particularly crucial for its...
