With the ongoing cyber security skills shortage, a growing number of information security (IT) professionals are being asked to take on new responsibilities for their organization’s cyber security program. Estimates show the number of unfilled cyber security positions worldwide could grow to 4 million by 2021, which will only make the problem worse. Even with… Read More
In this week’s blog we share an overview of third-party assessments for cyber security. We cover why they’re beneficial and what to expect. Lauren Bellero spoke to Sean Falconi, a managing consultant with Delta Risk in risk management and compliance, to get his thoughts on this topic. Sean has performed many third-party assessments covering a wide range… Read More
Tickets predate the well-known ticket tracking software. Long ago, the process of tracking issues by index cards were taken from analog to digital processes However, the usefulness of ticketing has waned in the past decade or so — except in organizations that jealously maintain the culture of quality ticketing. The capabilities of ticketing systems can… Read More
Less than three weeks remain for New York financial service companies to meet the initial cyber 23 NYCRR 500 security requirements set forth by the New York Department of Financial Services (NYDFS). As part of a series of rolling deadlines, August 28 is the first major deadline. In our first blog, we discussed which covered entities must comply. Whether… Read More
In our previous blog, “New York Cyber Security Regulations: Are You Ready to Implement 23 NYCRR 500?” we provided a brief overview of the New York Cyber Security Regulation (23 NYCRR 500), including how to identify if your company is a covered entity under the New York Department of Financial Services (NYDFS). It also outlined the requirements of… Read More
March 1, 2017, marked the day that “23 NYCRR 500” (the New York Cyber Security Regulation) went into full effect for all New York Department of Financial Services (NYDFS) regulated individuals and organizations. These groups are required to adopt programs, policies, and procedures to protect their most sensitive information and assets from cyber security threats. With… Read More