Tag Archives: risk assessment

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties (Part 3)

Photo of Daniel PepperBy Daniel Pepper on Posted in Risk Assessments
Part 1 Part 2 This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit … Continue Reading

Steps to Develop a Mature Third-Party Risk Management Program with High-Risk Third Parties (Part 2)

Photo of Daniel PepperBy Daniel Pepper on Posted in Risk Assessments
This blog is the second in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit incident response procedures. While … Continue Reading

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties

Photo of Daniel PepperBy Daniel Pepper on Posted in Risk Assessments
This blog is the first in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls such as assessing compliance with regulations, vetting third-party security practices, and establishing data breach and cyber exploit incident response procedures. While … Continue Reading

FINRA Issues Recommendations and Best Practices to Address Common Cybersecurity Risks for Broker-Dealer Firms

By Will R. Daugherty and Caroline B. Brackeen on Posted in Financial Privacy
The Financial Industry Regulatory Authority (FINRA) has issued its “Report on Selected Cybersecurity Practices – 2018” to provide further guidance to broker-dealer firms in developing and improving their cybersecurity programs. The report piggybacks on FINRA’s 2015 “Report on Cybersecurity Practices” by identifying five common cybersecurity risks and outlining recommended practices addressing these risks: • Branch … Continue Reading

What Covered Entities and Business Associates Need to Do to Prepare for the New HIPAA/HITECH Requirements (Part I)

Photo of Theodore J. Kobus IIIBy Theodore J. Kobus III on Posted in Breach Notification, Data Breach Notification Laws, Data Breaches, Enforcement, HIPAA/HITECH, Medical Privacy
The Department of Health and Human Services (HHS) issued, on January 17, 2013, its Final Omnibus Rule modifying the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules as well as the breach notification rules of the Health Information Technology for Economic and Clinical Health Act (“HITECH”).  Our initial discussion can … Continue Reading
LexBlog