Webinar Online Training
Developing an Effective Security Awareness Training Program
As the threat of data breaches continues to increase, providing your employees with the knowledge they need to implement information security best practices becomes increasingly crucial.
GLBA Safeguards Rule: Penetration Testing Requirements
The revised Safeguards Rule specifically states that the testing process must either deploy continuous monitoring of the implemented safeguards, or include annual penetration testing and bi-annual vulnerability scanning.
GLBA Written Reports: Keeping the Board of Directors in the Loop
As a part of the GLBA "Final Rule", the FTC requires an organization to appoint a Qualified Individual to report on an organization's information security program and compliance status to a board of directors or similar governing body. The written report must include specific information in order to be considered compliant with the Rule.
Prepare for Your GLBA Compliance Assessment with This 6-Step Checklist
Is your organization preparing for an upcoming FSA or state GLBA audit? What exactly will the auditors be looking for, and how can you prepare? Here is a quick compliance checklist to help your organization plan for a GLBA compliance assessment and/or audit.
GLBA SafeGuard Rule Changes: It's Happening NOW!
Institutions with a strong GLBA program in place will need to prepare for some new requirements with the updated Safeguard Rule, while others may be spending the year playing catch-up.
Article NIST Framework
The recent release of the amended FTC Safeguards Rule includes a requirement for a documented (written) risk assessment that addresses criteria for evaluating security risks and threats to sensitive customer information, and describes how the identified risks will be mitigated or accepted.
Read More about the Risk Assessment