04
Feb
Feb
Streamline Compliance with the Digital Operational Resilience Act (DORA). Save thousands building and documenting a cyber program.
Tag Archives: security policy compliance
22
Jan
Jan
Streamline Compliance with the Digital Operational Resilience Act (DORA). Save thousands building and documenting a cyber program.
In May 2024 the U.S. Securities and Exchange Commission (SEC) adopted amendments to its Regulation S-P, adding to the cyber security requirements for registered investment advisers (including registered investment companies and investment funds. The final SEC cyber risk management rules require advisers and funds to adopt and implement a program with written cybersecurity policies and […]
Houston, Texas – Information Shield and NetDiligence announced a strategic alliance to enhance information security options within the cyber insurance industry. NetDiligence® operates the ERiskHUB(TM), a platform that provides loss-mitigation and breach response solutions to dozens of leading cyber insurance providers and brokers. As part of the alliance, Information Shield’s new platform – ComplianceShield – […]
Houston, Texas – Information Shield today announced that their latest information security product – ComplianceShield – can be used by clients to save time and money addressing security requirements from the Securities and Exchange Commission (SEC.) Since the SEC originally established requirements for protecting sensitive financial information, it has increased focus on the cyber security […]
Please Don’t Do This A number of years ago I was asked to come in and do an information security risk assessment at a major company. Of course gathering and reading copies of relevant documentation is part of the background work necessary to orient myself to the client’s current information security situation. With this particular […]
Never Say Never: In the absence of further information, written information security policies are by default generally considered information that is "for internal use only" or "restricted." There are many good reasons to refuse to release information security policies to outsiders. But the trend these days is towards greater transparency, greater accountability, and a more [...]
Part 7. A Written Exception Process It may be impossible for every part of the organization to follow all of the information security policies at all times. This is especially true if policies are developed by the legal or information security department without input from business units. Rather than assuming there will be no exceptions […]
Many organizations are building or updating written information security policies in response to the newly updated Payment Card Industry Data Security Standard (PCI-DSS). In this paper we describe how Information Shield security policy products can be used to save time and money building security policies that address the PCI-DSS requirements. PCI-DSS Policy Compliance Using Information [...]
Some organizations still receive little management support or funding for a sound information security policy program. Within the last several years, however, numerous federal, state and international regulations have been passed that require the protection of information. Many organizations are now enhancing their information security policies in response to legal and regulatory requirements. In some […]
- 1
- 2