Security Policy University Blog

The latest news and articles relating to information security policies and regulatory compliance.  Bookmark this page or subscribe to our Policy Solutions Newsletter for regular updates.
Simplify Compliance with NADA FTC Safeguards Rule
February 27, 2023

Understand the key requirements of the FTC Safeguards Rule as it applies auto-dealerships and see how to effectively build and maintain and written information security program to maintain compliance. What are the NADA [...]

Compliance with NIS 2 Directive Cyber Security
January 18, 2023

NIS2 Directive What is the NIS 2 Directive? The NIS 2 Cyber Directive is move by the EU to set a new standard for cyber security across the member states. The EU Parliament [...]

Simplify NAIC Data Security Law Compliance
September 13, 2022

What is the NAIC Data Security Model Law? The National Association of Insurance Commissioners (NAIC) Data Security Model Law (Model Law) requires insurers and other entities licensed by state insurance departments to develop, [...]

Key Elements of Information Security Policies
August 26, 2022

What is an information security policy? An Information Security Policy is a formal document that defines controls within your information security program. An information security policy is a high-level business rule that must [...]

Simplify Compliance with FTC Safeguards Rule
July 1, 2022

Understand the key requirements of the FTC Safeguards Rule and how to effectively build and maintain and written information security program to maintain compliance. What is the FTC Safeguards Rule? The Federal Trade [...]

The ISO 27002:2022 Update – What Happened?
June 2, 2022

In March 2022 the International Standards Institute (ISO) made an official update to the cyber security standard ISO/IEC 27002. The last update was in 2013, so nine years have passed. This is significant [...]

The IRS Data Security Plan: FAQ
May 5, 2022

Any IRS provider can develop a Data Security Plan using a quality Template. [...]

Information Shield Enables SEC Cyber Compliance
April 13, 2022

April 13, 2022 – Information Shield today announced support for the new 2022 proposed SEC Cyber Risk requirements. Organizations can address the new security policy and record-keeping requirements in a single integrated solution. [...]

Comply with new SEC Cybersecurity Risk Rules
April 13, 2022

In February 2022 the Securities and Exchange Commission (SEC) voted to enhance the cyber security requirements for registered investment advisers (including registered investment companies and investment funds). The proposed SEC cyber risk management [...]