by Eddie Taliaferro | Jul 22, 2019 | InfoSec Strategies
It sometimes happens in the course of supporting clients during ISO 27001 certification projects or other information security assessments that we uncover “check-the-box” documents. For example, these might be policies that were downloaded from the Internet and... by John Verry | May 9, 2019 | InfoSec Strategies
If your company is like many of our SMB/SME clients, GDPR was a short-lived event. You heard about the regulation, kicked-off a GDPR project, realized how significant the work effort was and how limited the likelihood of an action against your organization was, and... by Jeremy Sporn | Jan 2, 2019 | ISMS Consulting
Legal firms are no strangers to regulations. But cybersecurity regulations coming from the American Bar Association (ABA)… that is a new one. The truth is, this has been coming for some time. Industry-specific regulations on privacy and cybersecurity are popping up... by John Verry | Sep 27, 2018 | Government
With the EU’s GDPR now in force and California just enacting its Consumer Privacy Act (AB 375), the two-minute warning has sounded for US businesses that work with consumers’ personal data. You must move to implement privacy policies that align with these... by John Verry | Aug 16, 2018 | InfoSec Strategies
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching. Entities who must comply include: Bank...
