Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode Matt and Tom go into the weeds to look at the first Cybersecurity breach case brought by the state of New York’s Department of Financial Services. Some of the highlights include:
- What is the DFS?
- What is Reg 500, Cyber Rules?
- What were the First American comedy of errors?
- CISO disavowed ownership of the issue, stating, among other reasons, that such controls were not the responsibility of respondent’s information security department.
- No training for new employee charged with remediation.
- First American said it did nothing wrong.
Resources
See Matt’s blog post, Parsing DFS’ First Cybersecurity Case on Radical Compliance.
