GDPR, DFS NY Cyber, SEC, NIST, and GLBA  Compliance

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that does business in Europe needs to know about GDPR.

Reach NIST certification readiness in just three months depending on the sized of your organization, drawing on our unique blend of practical cyber security know-how and proven management system consultancy expertise, our team will work with you to implement an NIST-compliant ISMS quickly and without hassle, no matter where your business is located.

23 NYCRR 500 is a cybersecurity regulation passed by the New York State Department of Financial Services (NYDFS) in early 2017. According to their website, the purpose of the NYDFS cybersecurity regulations is to “promote the protection of customer information as well as the information technology systems of related entities.”

The primary concern, related to the GLBA, of IT professionals and financial institutions is to secure and ensure the confidentiality of customers’ private and financial information. Maintaining GLBA compliance is critical for any financial institution, as violations can be both costly and detrimental to continued operations. However, by taking steps to safeguard NPI and comply with the GLBA, organizations will not only benefit from improved security and the avoidance of penalties, but also from increased customer trust and loyalty.