Blog

Tag: CIO

Click here to see the Countdown to Compliance, Fasoo Sponsored Ponemon Institute Survey of NYDFS 23 NYCRR 500Fasoo sponsored a Ponemon Institute survey to determine the readiness of financial firms doing business in New York State to comply with the new cybersecurity regulation NYDFS 23 NYCRR 500 that went into effect on March 1, 2017.  The regulation includes deadlines to implement procedures and solutions to achieve compliance with the new standards.  Since New York is one of the world’s financial capitals, the state wants to ensure that organizations that operate under the banking, insurance or financial services regulations provide a secure information sharing environment to protect companies and their customers.

“The survey is aptly titled “Countdown to Compliance,” said Dr. Larry Ponemon.  “Our goal is to provide insight into the challenges these organizations face in complying with the demanding new requirements which apply to all ‘nonpublic information’ – at rest, in-transit and shared with third parties.  The survey will provide insight into their efforts to comply over the next 180 to 365 days.”

Many organizations may not realize they are covered under these regulations, but if you just go to the NY Department of Financial Services website, you can search for your business.  If you are a financial institution,

insurance company, insurance licensee or service contract provider, you are most likely covered.  This also includes foreign banks that are New York State-chartered or licensed.

This is the second Ponemon Institute survey sponsored by Fasoo during the past year. The previous research, titled “Risky Business: How Company Insiders Put High Value Information at Risk” polled IT security practitioners on risks of data breaches by trusted insiders.  The information in that survey is still very relevant to financial services firms and any business today.

“Both of these Ponemon surveys build market awareness and inform CIO/CISO and Compliance Officer leadership as to the need and now the mandatory New York State requirements for data-centric security, audit, and compliance solutions,” said John Herring, CEO of Fasoo, Inc.  “We are joining with leading Legal, GRC and Insurance cybersecurity professionals to sponsor several events across New York State to highlight strategies and enterprise ready data-centric solutions to address regulatory compliance.”

If want to get an early release copy of the “Countdown to Compliance” survey and keep apprised of Fasoo sponsored NYDFS events, please register here.

 

Photo credit thenails

Fasoo Had a Busy Month in October Showing Data Security SolutionsThe month of October was very busy for Fasoo as we were all over the US talking to people about data-centric security and how it is the best solution to protect your sensitive information from insider threats and external hackers (APTs).

We started the month by attending the Rochester Security Summit in Rochester, NY.  This two-day event brought together executives and technical staff from numerous organizations in the Rochester area to share intelligence on how to protect their businesses from cyber attacks.  Fasoo was part of a vendor pavilion with our partner Brite Computers showing attendees how to protect data localized from databases, files downloaded from content management systems and those shared through the cloud and on mobile devices.  Ron Arden, Vice President – North America, presented to a packed room on “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” as part of the Threat Landscape track at the event.

The following week saw Fasoo sponsoring an executive luncheon on The Internet of Things (IoT) at the Nasdaq Ron Arden and Bill Blake at the National Cyber Security Awareness month eventMarketsite in New York City.  The event was put on by the National Cyber Security Alliance (NCSA) as part of National Cyber Security Awareness Month (NCSAM).  Bill Blake, President – North America, and Ron Arden got to participate in the luncheon and spoke to the numerous executives and government officials.  We were even part of the closing bell ceremony; look for us around 1:00 into the video.  With all the interest in IoT devices and the tremendous data that each will generate, Fasoo was educating people on how to protect the information collected and ensure that PII, PHI and other personal data is protected.

We finished the month in Las Vegas at the IBM Insight 2015 conference.  Fasoo was a Silver Plus Sponsor, so we had a booth right in the middle of all the action.  Security and analytics were big focuses of the conference this Dayhuff and Fasoo show charging station at IBM Insight 2015year as many organizations are trying to understand where they have sensitive information (the crown jewels) and how best to protect it from internal and external threats.

Bill Blake, Ron Arden and National Account Manager Alper Kizar were all in Vegas talking to customers, IBM staff and generally enjoying the warm weather.  Bill presented “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” to an enthusiastic audience at the Expo Theater.  Our partners Dayhuff and Neocol joined us in the booth and throughout the conference as many attendees were talking about securing the mountains of unstructured data in their companies.  Of course Vegas would not be complete without some fun, so Dayhuff held its annual get together at the Ri Ra Irish Pub.  The Irish definitely make some great beer and it was great to unwind with everyone after a long day at the conference.

During the different events, I heard a lot of recurring themes from attendees, vendors, speakers and security professionals.  I think they show the challenges CISOs, CIOs and other executives face as they try to move their businesses forward in an ever changing security landscape.  Here are a few of them.

clip_image001 Corporations do not have perimeters anymore

clip_image001 Security is everybody’s job

clip_image001 Monitoring data is hard, it’s like dust, it’s everywhere

clip_image001 Users are very naive about security and need to be educated

clip_image001 More than half of all data breaches are caused by human error

clip_image001 When you increase where the data is, it increases the risk

clip_image001 Being compliant doesn’t mean you are secure

Fasoo has the best approach to address each of these points through strong file encryption and persistent security policies that travel with the data.  Access to sensitive data is controlled through good identity management that ensures your sensitive data is protected and controlled regardless of location or device.  Working with existing applications and workflows makes it very easy for users to apply security to files, since they don’t have to think about it.  Automatic security policies apply the right level of access control as soon as someone creates a file.  This makes it easy to control unstructured data, whether it’s created locally or downloaded from an existing information system.

Check out some of the pictures from our busy October as the weather turns colder and the end of the year is in sight.  Hopefully we can help you create a secure work environment by protecting your most sensitive information from getting into the wrong hands.

Categories
Book a meeting