Privacy Archives - Fasoo Fasoo
  • Thank you for subscribing.

    Something went wrong.


  • Topics


    Recent Articles

    Privacy

    Can Updated FFIEC Cyber Assessment Tool Help With Other Regulations?

    Use the FFIEC Cyber Assessment Tool to help comply with NYDFS 23 NYCRR Part 500The Federal Financial Institutions Examination Council (FFIEC) released an update to its Cybersecurity Assessment Tool to help financial institutions establish a better baseline to identify their risks and determine their cybersecurity preparedness. The original intent of the Assessment was to provide a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time.

    The updates are a response to criticism since its release in June 2015 for its vagueness and diversion from other well-established cybersecurity assessment frameworks, such as the NIST Cybersecurity Framework.  While there are similarities between these tools, the FFIEC is trying to provide guidance to its constituency where the NIST framework is general for all organizations.

    Read the rest of this entry »

    Share it now!

    Cyber Security Legislation Will Change the Face of Business

    Cyber Security Legislation Will Change the Face of BusinessAs 2017 gets underway, cyber security legislation will strengthen and force businesses to change the way they approach information security.  At the federal level in the United States, the US Congress and President have proposed numerous updates to existing regulations and new regulations to cover all facets of cybersecurity.  These include the Cyber Preparedness Act of 2016, Cybersecurity Systems and Risk Reporting Act and others.

    At the state level, legislation was introduced or considered in at least 28 states in 2016. Fifteen of those states enacted legislation, many addressing issues related to security practices and protection of information, and cyber crimes in general, including dealing with rasomware.

    Read the rest of this entry »

    Share it now!

    Securing Information While Sharing

    Securing Information While SharingIn a recent article entitled “Securing Information for a Shared Services Infrastructure”, Richard Freeman from Ricoh Canada talked about the need to secure information as companies share it internally and externally.  The focus of the article is how an organization must look at balancing the need to efficiently share information without compromising privacy, protection of intellectual property and other sensitive data, or financial and legal risk.

    As is evident from all the news about data breaches and cyber threats, the challenge today is to thwart the bad guys from stealing your sensitive data.  While many organizations still focus on protecting servers, networks and end-point devices, you have to secure and control the information itself.  Since most of the data created today is unstructured content stored in documents, protecting the documents from inadvertent or malicious access should be the primary goal to ensure that authorized users can collaborate efficiently and securely.

    Read the rest of this entry »

    Share it now!

    Trust and Betrayal – A Tale of Insider Threats

    Insider threats can cause more damage than external hackersYou do complete background checks and go through references as part of your hiring processes. You continually and painstakingly train employees on security and data breach topics to make sure they are educated and will know what to do and not to do during the course of daily business.

    You even conduct daily auditing of system activity and ensure that you are consistent with discipline at your workplace.  On top of it all, you’ve even gotten cyber insurance. You’ve made reasonable efforts to protect your sensitive business files as well as data and your business.  And, you trust your staff, so you naturally feel pretty confident that you are covered on all sides.

    Read the rest of this entry »

    Share it now!

    Data-Centric Approach Starves Data-Hungry Cybercriminals

    Using data-centric security stops criminals from stealing healthcare dataIn a slideshow recently published in IT Business Edge, breaches within healthcare organizations hit an all-time high in 2015. With healthcare records growing in value, cybercriminals have realized they can get a quick payout by hacking this confidential information and selling it to other malicious actors or groups.

    Healthcare organizations have become easy targets because they tend to place more emphasis on compliance rather than important security measures. Meeting the letter of the law does not mean you are safe and secure.  Imagine if your doctor only did the bare minimum during surgery to make sure you complied with a text book procedure, rather than actually finishing the job.

    Read the rest of this entry »

    Share it now!

    7315 Wisconsin Avenue, Suite 420

    Bethesda, MD 20814

    Phone: (732) 955-2333 | inquiry@fasoo.com

    © 2017 Fasoo, Inc. All rights reserved.