by John Verry | Aug 16, 2018 | InfoSec Strategies
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching. Entities who must comply include: Bank...
by John Verry | Aug 7, 2018 | Government
The most significant privacy regulation enacted to date, the EU’s GDPR, still feels “over the horizon” to many US firms. For companies that have delayed privacy initiatives, it’s still easy to “risk rationalize” away the need to comply with GDPR. After all, there have...
by John Verry | Aug 7, 2018 | Government
The State of California, the fifth largest economy in the world, has just enacted the most far-reaching consumer privacy legislation in the US—giving citizens more control over how companies share and sell their personal data. What could this new law mean for your...
by John Verry | Jul 31, 2018 | InfoSec Strategies
The National Association of Insurance Commissioners’ (NAIC) adopted the Insurance Data Security Model Law in October 2017. It establishes minimum standards for data security applicable to insurance providers. I believe this legislation will have a significant impact...
by John Verry | Jul 23, 2018 | ISMS Consulting
Over the last few years I have noticed that clients often struggle to understand how to obtain maximum value at the minimum possible cost from a virtual Chief Information Security Officer (vCISO). I think part of that confusion is they view a vCISO as being the person...
