Blog - Incident Response Management

NYDFS Bolsters Cybersecurity Requirements

Effective November 1, 2023, the Part 500 amendment to the NYDFS Cybersecurity Regulation (23 NYCRR 500) is a new set of cybersecurity requirements for all covered financial institutions. The NYDFS bolsters cybersecurity requirements through a series of changes that address both the advancements of the cybersecurity threat landscape as well as increased opportunities for organizations to protect themselves.

The Power of Collaborative Incident Response

It’s easy to denounce silos and promote collaboration, but how does an organization actually go about enabling communication, compliance, and coordinated action across and between departments? Read more from Judy Titera, Independent Director, Consultant (former Chief Privacy Officer at USAA).

To Be Great Enterprise Risk Managers, CISOs Need to be Great Collaborators

To accurately identify, mitigate, and reduce risks across an organization—be they electronic or paper, malicious or non-malicious—key departments must share the burden of privacy incident response and privacy by design. Collaboration is key, as privacy, security, legal, and product teams effectively work together.

To Manage Enterprise Privacy Risks, CISOs Have to Measure It

When it comes to managing risk, CISOs must know what threatens the privacy and security of their organization’s sensitive data. That means having the ability to identify and measure all the risks lurking throughout the enterprise—no easy feat. Read more on successfully measuring and managing privacy risks in this blog.

Aligning Privacy and Security Incident Response

Privacy and security may have different terminology and short-term objectives, but their overarching mission is the same: to protect the organization and its stakeholders. With proactive relationship-building, ongoing communication to build awareness, and with integration to enable an efficient, collaborative workflow, both teams can achieve their individual and overarching goals better than either would alone.

Efficiency Tip: Decentralized Incident Intake

Speed up your privacy incident response timeline from detection to investigation, and escalation with decentralized incident intake.