by John Verry | Aug 16, 2018 | InfoSec Strategies
Reading Time: 2 minutes
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching.... by John Verry | Aug 7, 2018 | Government
Reading Time: 2 minutes
The most significant privacy regulation enacted to date, the EU’s GDPR, still feels “over the horizon” to many US firms. For companies that have delayed privacy initiatives, it’s still easy to “risk rationalize” away the need to... by Jeremy Sporn | Mar 16, 2018 | ISMS Consulting
Reading Time: < 1 minute“Covered Entities” that have not yet submitted a certification of compliance for the New York Department of Financial Services’ NYDFS 500 Cybersecurity Regulation (also known as 23 NYCRR 500) received a none-too-gentle “reminder” earlier... by Jeremy Sporn | Dec 13, 2017 | InfoSec Strategies
Reading Time: 2 minutes
We see plenty of organizations that are compliant—but not secure. Yet rarely, if ever, do we find an organization to be secure but not in compliance. Cybersecurity regulators care about compliance, but hackers are opportunistic and... by Jeremy Sporn | Nov 30, 2017 | ISMS Consulting
Reading Time: 2 minutes
The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is steadily gaining traction in the healthcare industry, with major players like Anthem, Highmark, Humana and UnitedHealth Group requiring their business...
