A New York special: NYDFS cybersecurity regulation (23 NYCRR 500)

23 NYCRR 500, also known as the NYDFS Cybersecurity Regulation, is a law issued by the New York State Department of Financial Services (NYDFS) that mandates the enforcement of optimal data security standards to safeguard websites and apps. 23 NYCRR 500 […]…

2019 Update on frameworks, standards, and regulations for infosec

At the 2019 BSides Tampa Security conference I did a talk on 2019 Updates on frameworks, standards, and regulations for infosec. Over the last year, several new and updated frameworks and regulations have come out, and others are being updated.
Mo…

Top Compliance Pain Points by Industry

Whether you are adhering to mandatory regulations or voluntary cybersecurity frameworks, taking compliance seriously can be a huge boon to your organization. It can help you avoid costly penalties, signal to your customers that you’re serious abo…