Taking advantage of technology and digitization involves more than business strategy. It requires strong data governance principles which, among other things, must align the functional demands of an organization’s cybersecurity, privacy and information management teams.
Something potentially groundbreaking is happening in New York, and its impact is being felt globally. Still, if you’re not in the financial services industry, and specifically regulated by the New York State Department of Financial Services (NYDFS), you may have missed it. What is this change? In short, it’s the first of what may become a wave of stringent state cybersecurity regulations that impose “minimum standards” on industry.
Paul McCartney wrote “The Long and Winding Road” while the Beatles were in the throes of dissent and months away from breaking up. Listening now to the song’s yearning lyrics and plaintive melody, is it possible that Sir Paul actually anticipated the NIST Cybersecurity Framework’s Recover function, and was imagining the category titled Recovery Planning?
If at first you don’t succeed, try, try again.” Although catchy, we all know that the real keys to success after failure are reflection and adaptation, not mere persistence.
It’s been nearly two years since we addressed cyber insurance in the Cyber Tactics column, so I decided to get an update from Bob Parisi, Managing Director at Marsh.
Mike Tyson notably said, “Everyone has a plan ‘till they get punched in the mouth.” So, how do you ensure the same doesn’t hold true for your company’s incident response plan when a real breach occurs? Enter the NIST Framework category titled Mitigation.
RSS
