by Lou Romero | Apr 20, 2017 | Government
For the past several months I’ve been working on a cyber loss control project performing risk assessments for over 100 New Jersey municipalities. I’m winding down the first phase of the project, which was assessing and identifying vulnerabilities within their IT...
by John Verry | Apr 14, 2017 | Government
The New York State Department of Financial Services (NYDFS) 23 NYCRR 500 Cybersecurity Requirements for Financial Services Companies is a relatively comprehensive new regulation intended to ensure the security of “Non-Public Information” (largely...
by John Verry | Feb 22, 2012 | Government, ISO 27001 Certification
Can’t protect what you don’t know about. Had an interesting conversation this week with the CISO of a large bank. They were interested in moving towards ISO-27001 certification and we were talking about the challenges of conducting a “meaningful” risk...
by News | Jul 8, 2011 | Government
By Ericka Chickowski, http://www.darkreading.com Some of the federal government’s most critical agencies are falling down on database security with misconfigurations, vulnerabilities, and a lack of best practices, putting sensitive citizen and defense...
by John Verry | Jun 23, 2011 | Government, ISO 27001 Certification
I’m surprised this piece of legislation has not gotten more press. In February, the Ministry of Communications and Information Technology (MCIT) released the draft notification proposed to be released in respect of Section 43A of ITA 2008. Under Sec 43A the ITA...
