Categories
Coffee and Regs

Cybersecurity Awareness Month – Reducing Cyber Incidents Through Vendor Due Diligence

The Mood of Compliance

Data Privacy & Building Compliance into the Product Development Lifecycle

Ransomware Attacks – Cybersecurity Concerns & Best Practices to Mitigate Risk

In this episode, our team of cybersecurity experts, E.J. Yerzak and Mike Farrell, discuss the latest ransomware attacks in the news, best practices to keep your data secure and hackers out, and what to do first if your firm is hit by an attack.

About Our Guest Speakers:

E.J. Yerzak CISA®, CISM®, CRISC™ assists firms in assessing and managing their cybersecurity risk – from network vulnerability scanning and penetration testing to onsite cybersecurity assessments and assistance in implementing the NIST cybersecurity framework. E.J. has authored articles and alerts on emerging regulatory and technology issues, and is regularly requested to speak as a cybersecurity expert at industry conferences.

Mike Farrell is a Certified Information Systems Auditor (CISA®) and Certified Information Security Manager (CISM®), and Cybersecurity Consultant at CSS. He analyzes data and conducts cybersecurity risk assessments, policy gap analyses, vulnerability scanning and social engineering testing. His information technology experience includes network installations and management, hardware and software configuration, and troubleshooting.

Managing Cyber Insurance Risk

In this episode, CSS’s Director of Cyber IT Services E.J. Yerzak sits down with AVP, Program Executive at Varney Agency and cyber insurance expert Nick Weiner to discuss the recent NYDFS guidance for insurers that underwrite cyber insurance policies. The guidance includes a Cyber Insurance Risk Framework that provides best practices for managing cyber insurance risk amid concerns of systemic and “silent” risks to the financial sector.

About Our Guest Speakers:

E.J. Yerzak CISA®, CISM®, CRISC™ assists firms in assessing and managing their cybersecurity risk – from network vulnerability scanning and penetration testing to onsite cybersecurity assessments and assistance in implementing the NIST cybersecurity framework. E.J. has authored articles and alerts on emerging regulatory and technology issues, and is regularly requested to speak as a cybersecurity expert at industry conferences.

Nick Weiner is a commercial insurance agent, with ten years of experience focused on cyber, professional & management liability insurance for financial institutions. Nick firmly believes every professional organization deserves access to a specialist who can design, administer and implement a custom insurance solution. Working with an independent insurance agency gives Nick the opportunity to use his experience, knowledge, and understanding of the marketplace to assist his clients in finding the insurance solutions that meet their needs. At twenty-two, Nick started his own national insurance agency with the sole goal of servicing entrepreneurs in the financial services industry. Seven years later, Nick’s business was purchased, and he joined forces with Varney Agency (Portland, ME) to assist in the continued growth of their financial institution’s division. Nick often participates in thought leader groups for the industry and works closely with some advisory-focused publications to provide input on insurance-related topics.

Categories
Life with GDPR

Life With GDPR: Episode 23 – Looking into the 2019 Crystal Ball

In this episode, I visit with Jonathan Armstrong to consider some of his predictions for the rest of 2019. Even if these predictions do not become fully formed, you should consider them in light of your data privacy/data protection policies and protocols. Some of the issues and highlights are:

  1. Drones: what are the GDPR implications?
  2. The number of data breach notifications under GDPR. Through the end of January there were over 42,000 in the EU alone.
  3. Will AI and self-driving cars follow the rules on safe driving standards, or will there be new rules for the road?
  4. What will be the effects of data, big data and AI in elections going forward? What will be the fallout from Cambridge Analytica going forward?
  5. How will businesses respond to the industrialization of internet crime? What happens when there is a Zero-Day exploit?
  6. Cybersecurity insurance. Will standard insurance rules and regulations apply, or will new policy language be drafted for such coverage?

For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.