GLBA Compliance: The Legislation, the Standards, and the Guidance
In this article, we’re going to clarify what GLBA is, and what people mean when they say GLBA as it relates to regulatory compliance.
A look at CISA's proposed rule in the Federal Register titled Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements.
On February 26, 2024, NIST published an update to its Cybersecurity Framework (CSF). In this article, we’ll discuss six key updates and talk about what they mean for you.
On September 29, 2023, the Federal Deposit Insurance Corporation (FDIC) announced the updated Information Technology Risk Examination (InTREx) procedures. If you’re curious about what changed, you’ve come to the right place.
On November 13, 2023, the Federal Trade Commission published a Final Rule in the Federal Register updating the Safeguards Rule. The rule includes changes to the incident notification requirements for financial institutions.
On Tuesday, October 24, 2023, regulators published an updated version of the Ransomware Self-Assessment Tool (R-SAT). In this blog, we’ll discuss what the R-SAT is, what got updated, and what you need to do about it.
In this article, we will look at the top features to consider when evaluating phishing security awareness software.
In this article, we answer the question, "What’s the difference between policies, standards, controls, and procedures?" by setting definitions, looking at guidance, and providing some examples.
There are a lot of ways to write a policy, and just as many things to avoid. At Tandem, when we sit down to write a policy, we break our policies into the following key sections.
In this article, we will discuss why your policies are important and give you six tips to make sure they live up to their fullest potential.
In this article, we discuss how exactly to determine which incidents must be reported to your federal regulator, per the legal definition.