BCP

NY DFS Cybersecurity Regulation: Are your 3rd Party Controls in Place Before the Hammer Drops?

With the March 1, 2019 deadline looming for complying with NY’s Cybersecurity regulation, the NY DFS must be licking its chops at the prospect of imposing fines. Actually, I’m sure they really hope that all covered entities are up to snuff and have sent in their signed certifications or exemptions. “Signed certifications or exemptions?” you ask. [...]

A Vendor’s Incident Response Plan is Only Half the Story!

When outsourcing services to vendors where sensitive/confidential data or critical services are involved, most of us request some combination of Business Continuity Plan, DR Plan, DR test results and Incident Response Plan. That's only half the battle. Of particular interest is the Incident Response Plan. The IRP is certainly something you'd want to review but all [...]

Plan Your Exit Before You Outsource!

When considering outsourcing a service, it's essential to have an Exit Strategy in place so that you can transition the service to another vendor or bring it back in house prior to or at the end of the contract term. This should be done before you even consider searching for a vendor. A well thought out [...]