Managed Service Providers Under Attack In the past month, a Managed Service Provider (MSP), or what many registered investment advisers might utilize as their outsourced IT Provider, was breached, exposing up to 2000 user endpoints to issues of disruption and perhaps worse. The IT Vendor was subsequently urged to pay ransom of [...]
11 Key Reasons To Develop a Governance Plan For much of the Information Age, allowing information (even after its business function is fulfilled and there is no other obligation to keep it) to accumulate was relatively risk-free since storage devices were so cheap. But recently, three important developments have changed all this: [...]
Data Classification, Retention, and Security Part 1: What Do We Have Here? Recent SEC and DOJ guidance has placed great emphasis on Data Security through Data Classification. Regulators are expecting you to classify your information based upon criticality and sensitivity, but where do you begin? Take a minute and think about all the [...]
Evidence continues to mount for broad acceptance of NIST CSF Action Item: Executives, General Counsels, Compliance Officers, and Board Members, across industries, should consider these principles. Last week (April 17, 2015), the National Association of Insurance Commissioners (NAIC) adopted twelve basic principles to provide guidance to insurers, producers, and other regulated entities. [...]
Periodically, the heat is turned up on the Legal Industry and recently the New York Times reported on the concept of information sharing between Wall Street Banks and Law Firms.[1] This came to mind as I had breakfast with one of the policy architects of public/private initiative which led to the creation [...]