by John Verry | Aug 16, 2018 | InfoSec Strategies
Reading Time: 2 minutes
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching.... by John Verry | Aug 7, 2018 | Government
Reading Time: 2 minutes
If you missed it, start with Part 1 of this post here: California Consumer Privacy Act of 2018: What Could It Mean for Your Business? (Part 1) The most significant privacy regulation enacted to date, the EU’s GDPR, still feels “over... by Jeremy Sporn | Mar 16, 2018 | ISMS Consulting
Reading Time: < 1 minute“Covered Entities” that have not yet submitted a certification of compliance for the New York Department of Financial Services’ NYDFS 500 Cybersecurity Regulation (also known as 23 NYCRR 500) received a none-too-gentle “reminder” earlier... by Jeremy Sporn | Dec 13, 2017 | InfoSec Strategies
Reading Time: 3 minutes
We see plenty of organizations that are compliant—but not secure. Yet rarely, if ever, do we find an organization to be secure but not in compliance. Cybersecurity regulators care about compliance, but hackers are opportunistic and... by Jeremy Sporn | Nov 30, 2017 | ISMS Consulting
Reading Time: 2 minutes
The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is steadily gaining traction in the healthcare industry, with major players like Anthem, Highmark, Humana and UnitedHealth Group requiring their business...
