This post begins my series which unpacks the FTC Safeguards Rule based on what I’ve read and learned these past nine months. Because there are so many changes this will be a long series of posts. I plan to have posts on other topics interspersed as it will get pretty dry having a long run…
Increasing cyber security requirements in the annual financial audit
I’ve seen a slow and steady increase the past decade in cyber security requirements included in my organization’s annual financial audit (The Gramm-Leach-Bliley Act (GLBA) audit). Moving from 2022 to 2023 we are about to see a huge jump in potential GLBA audit objectives.
Change management
Implementing a new software system requires careful change management that takes into account organizational culture and leans towards more communication rather than less.
The changing cyber insurance landscape
The changing requirements to obtain cyber insurance coverage are becoming a driver to advance the security timeline for many organizations. The risk and impact of ransomware and data breaches is great and this is rippling through the insurance industry and across higher education.