Vendor Management Requirements in CyberSecurity Standards

Are you in control of third-party risk? Do you have a sound vendor management department? Do you audit your suppliers?

In a short nine months, there has been hundreds of thousands of cases and millions in fines.

And this is just the start.

What Cyber Laws Apply to Me?

It is becoming ever so clear that compliance isn't an easy task handled by the IT department, but that it's a team effort from all the departments. This makes it more difficult in regards to what's applicable so our VP of Compliance has broken down all the laws into simpler terms to be able to distinguish which law you must abide! 

One method of ensuring greater cybersecurity protection in a world of hacks and breaches: to undertake regular and programed cybersecurity audits and assessments.

The thought of an audit may strike fear in many individuals at all levels in an organization. Mostly, audits are routine and serve to ensure there is at the minimum a check-and-balance to satisfy whichever regulatory body requires it. When there are non-conformities found, it shouldn't be looked upon as a negative thing. 

This month, our VP of Compliance speaks to the benefits of non-conformities. 

2019: The Year of the Data Breach, Again…

“Magic 8 ball, will 2019 be the Year of the Data Breach…again?”

Our VP of Compliance says: All signs point to YES.

With the passing of laws like GDPR and PIPEDA, the Marriott Breach, New York Department of Financial Service’s cybersecurity rule deadlines, increased SEC enforcement, and increase in data breach lawsuits, by the time last December ended, there is no doubt that all industry specialists could not wait to label 2018 as the Year of the Data Breach. However, as we sit in the dawn of 2019, it is becoming ever increasingly clear, that 2019 will in fact be, the Year of the Data Breach, Again.

One of our clients was struggling with a complicated system that required a lot of time and effort to customize each Cisco firewall configuration to meet the individual requirements of each of its own clients.

Digital Edge eliminated the problem by implementing a solution that maximized efficiency and security.

Digital Edge team was tasked to help contain and eradicate a virus outbreak. A response team was gathered and after the initial kick-off call, the team started cleaning/investigation activities.

Digital Edge has a team in Panama that has been working with the Panama Maritime Authority. This is a gallery of that team and office! 

The New York State Department of Financial Services’ (DFS) mandatory cybersecurity requirements for financial services entities became effective on March 1st, 2017, with a two-year implementation period. The regulation requires all DFS regulated entities, subject to certain exemptions, to adopt the core requirements of a cybersecurity program. The final effective date for the regulation will be March 1, 2019, by which time, under section 500.11, DFS regulated entities are required to have written policies and procedures that are based on a risk assessment to ensure the security of nonpublic information and information systems that are accessed or held by third party service providers. 

DFS has come out with the dates all regulated entities and licensed persons must files various notices to the Superintendent. The final one being next month, February 15th 2019.