Formal Management Accountability for Cyber Security has Arrived. Organizations need to be prepared. Read More

The General Data Protection Regulation (GDPR) is already having more impact on data privacy than perhaps any regulation in history. Because of its broad reach and heavy fines (up to 4% of revenue), GDPR is forcing every organization that collects personal data to examine its... Read More

Information Shield today announced that the ComplianceShield Common Policy Library (CPL) has been updated with new sample data privacy policies that support the California Consumer Privacy Act (CCPA) of 2018.   In addition to the General Data Protection Regulation (GDPR), the... Read More

California recently passed the most strict state-level privacy law designed to protect consumer data.   The California Consumer Privacy Act of 2018 (CCPA) puts some new restrictions on how organizations must interact with customers.   In this article we describe the key... Read More

New “IT Security Made Easy” platform automates key compliance requirements of new DFS cyber data protection law May 4, 2017 – Information Shield – a leading provider of IT security compliance software – announced support for the new NYS Department of Financial... Read More

Attorneys Create New Control Framework The Association of Corporate Counsel (ACC), which represents over 42,000 in-house counsel across 85 countries, recently released a new control model to help organizations interact with outside parties when dealing with sensitive information.... Read More

Many of our Information Shield customers are asking how to address “Shadow IT” within their information security policy programs.    In this article we will identify the common risks with unapproved IT devices and services and how to address them in your governance... Read More

Third Party Vendors and Data Breaches So the bad news is sinking in.   Data breach reports are showing that significant information security risk can lie with third party vendors.  Starting with the now-famous Home Depot breach, a steady stream of breaches have been reported that... Read More

Many financial services firms are currently building programs to comply with the information security requirements of the Securities and Exchange Commission (SEC). In this article we discuss some key information security policy and compliance lessons that organizations can learn... Read More