The less you have to worry about, the better.
Nobody provides small to mid-sized financial services firms with such a comprehensive approach to cybersecurity, business continuity and resilience, and regulatory compliance. From FINRA to Work from Home vulnerabilities to ongoing threat and protection monitoring and mitigation, we’ll take it all off your plate. You can rest assured your cybersecurity posture is bullet-proof and you have everything you need to support reporting and audit requirements.
You don't know what you don't know!
Your board of directors knows they have a responsibility to implement a reasonable cyber security program, but do they know what is "reasonable"? Who has the time and bandwidth to dive into the minutiae of data and details?
We will work with your IT staff, director, or your go-to person for computer help! No matter the level of their expertise, we will be their partner in getting your company secure.
I know I need to be compliant, but how?
GRC, BR, BIA, DR, BCP... ahhh, so many acronyms! I just want to know that I am covered if anything "bad" happens.
It's OK, we have your back. Let us worry about your policy creation & compliance, security monitoring & response, and technology management & implementation.
How do we get security to work with what we already have?
Sometimes, there just isn't a holistic awareness of your current IT risks. We have a cyber security program, but is it enough? Where are the holes? What are we missing? How are we vulnerable?
Security isn't one-size-fits-all. Your needs are unique, just like your company. We can fill the gaps in your program or provide a program tailored for you.
Applicable Laws & Regulations
H.R.3359 - Cybersecurity and Infrastructure Security Agency Act of 2018
The purpose and intent of this Act is to establish standards for data security and standards for the investigation of and notification to the Commissioner of a Cybersecurity Event applicable to Licensees (Insurance).
S.770 - NIST Small Business Cybersecurity Act
(Sec. 2) This bill amends the National Institute of Standards and Technology Act to require the National Institute of Standards and Technology (NIST) to consider small businesses when it facilitates and supports the development of voluntary, consensus-based, industry-led guidelines and procedures to cost-effectively reduce cyber risks to critical infrastructure.
State legislatures continue to advance policy proposals to address cyber threats directed at governments and private businesses. As threats continue to evolve and expand and as the pace of new technologies accelerates, legislatures are making cybersecurity measures a higher priority.
At least 43 states and Puerto Rico introduced or considered close to 300 bills or resolutions that deal significantly with cybersecurity. Thirty-one states enacted cybersecurity-related legislation in 2019.
Security Breach Notification Laws - By State - 2020
All 50 states, the District of Columbia, Guam, Puerto Rico, and the Virgin Islands have enacted legislation requiring private or governmental entities to notify individuals of security breaches of information involving personally identifiable information.
Security breach laws typically have provisions regarding who must comply with the law (e.g., businesses, data/information brokers, government entities, etc.); definitions of “personal information” (e.g., name combined with SSN, driver's license or state ID, account numbers, etc.); what constitutes a breach (e.g., unauthorized acquisition of data); requirements for notice (e.g., timing or method of notice, who must be notified); and exemptions (e.g., for encrypted information).