Articles by tag "compliance"

“Private Cybersecurity Lawsuits”

Question: What liability do we have to individuals in a private lawsuit if there is a data breach?

A company can be privately liable to an individual or individuals in a number of ways deriving ultimately from “common law” court made laws, or “statutes” enacted by Federal or State legislatures.

Federal Class Actions for Data Breach – Who Can Sue?

Suing due to a data breach related incident might not be as simple as you'd think. 

There are fine terms you must meet in order to be able to sue and for your case to be approved in court. 

Our VP of Compliance lays out everything you need to know on this subject. 

FISMA is the Federal Information Security Management Act. It is a high-level law that mandates a level of cybersecurity for all federal agencies and federal contractors. It was enacted by Congress in 2002 and updated in 2014.

While FISMA delegates cybersecurity responsibility to the various federal departments and agencies, it also centralizes a significant amount of cybersecurity functions (including mandates) to the Department of Homeland Security (DHS) and leaves the nitty-gritty standards and guidelines to the National Institute of Standards and Technology (NIST) to hammer out. 

In this cyber environment, it is important to have a robust Information Security Management System (ISMS), but how do you know if you have a strong ISMS? 

Well it's as simple as filling out a questionnaire!

Overview of the Federal Trade Commission in regards to cybersecurity:

• Does the US have federal cybersecurity laws that apply generally?
• What does the FTC require in a nutshell?
• How can I make sure my company is in compliance?

“HiTRUST: Burdensome, But Worth It if You Have the Resources”

For the past few months the challenges facing the country’s medical infrastructure has been all over the news. Mostly these issues have focused on medical supplies and capacity, but as with any organization the IT needs of these medical facilities are also of the utmost criticality.

Digital Edge is proud to announce that they have achieved AWS Level 1 Managed Security Service Provider Competency Status.  This designation recognizes that Digital Edge has successfully met AWS requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 Managed Security Services.

This new baseline standard of quality for managed services was introduced by AWS to benefit cloud environments of any size and it spans six security domains: vulnerability management, cloud security best practices and compliance, threat detection and response, network security,host and endpoint security, and application security. The six domains contain multiple MSSP services, each with technical skill set and operational process requirements specific to AWS. 

To read the full press release click here: 

Lately, and for good reason, the top thing on people’s minds has been the COVID-19 Coronavirus. Any change from normal operations will inherently be less secure, because often the processes are unfamiliar and have not been ironed out to the extent that a company’s normal operations have been. In a situation like we are facing now, with widespread teleworking, a company’s prime security concern should be the correct implementation of a strong teleworking policy.