by Jeremy Sporn | Mar 16, 2018 | ISMS Consulting
“Covered Entities” that have not yet submitted a certification of compliance for the New York Department of Financial Services’ NYDFS 500 Cybersecurity Regulation (also known as 23 NYCRR 500) received a none-too-gentle “reminder” earlier this month that they need to...
by Jeremy Sporn | Feb 15, 2018 | ISMS Consulting
We are often asked, “What is the best first step to move towards GDPR compliance for US-based organizations?”. The answer: Privacy Shield. How Does GDPR Affect US Companies? US companies have no legal ground to stand on for GDPR compliance. Privacy laws...
by Jeremy Sporn | Sep 22, 2017 | InfoSec Strategies
What Happened? We now know the Equifax data breach, which impacts almost 60% of the US adult population, was preceded by another breach or series of breaches of unknown magnitude back in March. We also know the July mega breach exploited a flaw in third-party code...
by Jeremy Sporn | Jul 25, 2017 | Government
On July 10, Connecticut Governor Dannel Mallow officially announced the release of the Connecticut Cybersecurity Strategy. The most far-reaching of its kind put forth at the state level, this strategy document outlines how the state expects both public and private...
by John Verry | Apr 14, 2017 | Government
The New York State Department of Financial Services (NYDFS) 23 NYCRR 500 Cybersecurity Requirements for Financial Services Companies is a relatively comprehensive new regulation intended to ensure the security of “Non-Public Information” (largely...
