Information Security Policy Blog

The latest news and articles relating to information security policies and regulatory compliance.

5 Elements of Effective Information Security Policies

Use these 5 tips to take your information security policies off the shelf and put them into action. Bad Information Security Policies: Information Security Policies are the foundation of your cyber security program. [...]

Security Policies for Regulation S-P: GLBA Data Privacy

In 2024 the SEC formally adopted updates to “Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information.” The rules apply to financial institutions that collect and manage nonpublic personal information about [...]

Simplify Compliance with EPA Cyber Security Requirements

Understand the key cyber security requirements of the Safe Drinking Water Act (SDWA) and see how to effectively build and maintain a written information security program to maintain compliance. NOTE: When this article [...]

Streamline DORA Compliance

The Digital Operational Resilience Act (Regulation (EU) 2022/2554) dramatically increases the cyber security burden of financial services entities operating in the EU or serving the EU business community. In short, every EU financial [...]

Healthcare Cyber Resilience: Third Party Cyber Risk Management

As the result of several recent cyber attacks on the healthcare supply chain, the American Hospital Association (AHA) and Health Information Sharing and Analysis Center (H-ISAC) issued a joint warning for healthcare organizations [...]

Security Policy Updates for ComplianceShield

Full updates to the Common Policy Library including AI, SBOM and regulatory mappings.

What is required in a Security Plan for HAZMAT HM 232?

In April 2024 the United States Department of Transportation finalized new requirements for the safe transportation of hazardous materials (Hazmat HM-232). HM-232 requires shippers and transporters of hazardous materials to create a formal, [...]

Information Shield Adds New Vendor Cyber Risk Management Features

On February 22nd we introduced new features to streamline Vendor Cyber Risk Assessment and Management. These features are now integrated within ComplianceShield Enterprise. We are pleased to introduce these new innovations to our [...]

How to Simplify Vendor Risk Management

Every major cyber security framework and law requires that an organization must manage the cyber risk of third party vendors. In fact, vendor cyber risk management must now be considered “best practice” for [...]
