accountants and business advisers
05 Aug 2019
The following is a rundown of what happened during the month of June 2019. We welcome your comments, insights and questions.
Tom’s Takeaway: This is a positive step forward in establishing expectations and accountability for any business that processes personal information. Should this bill be signed into law, we will release a special white paper on the specifics of this law and how to comply. Stay tuned.
Tom’s Takeaway: While Maryland is moving in the right direction, it is unfortunate that a major incident had to occur to push the movement. Cyber incidents can and will occur. The question is, are you ready? If you need assistance in understanding your cyber risk and how to effectively and practically manage and reduce that risk, we are always happy to help.
Tom’s Takeaway: Third-party risk is something every business needs to understand and manage. Any company, inclusive of an IT MSP, that will have access to your environment and/or store, process and transmit data on your behalf, needs to be assessed relative to the risk they present. Factors, such as the method of connectivity, the level of access to be provided, and the data they will handle, are all key considerations in determining the risk level. If you need assistance in developing a third-party risk management program or directly performing due diligence on a third party on your behalf, please feel free to contact me directly.
Tom’s Takeaway: Nowadays, we often equate information and cybersecurity breaches with external parties. The reality is that insiders also pose a significant threat that cannot be overlooked or underestimated. A motivated insider is at an incredible advantage compared to an external party, having a powerful tool in their arsenal ─ trust. When designing your information and cybersecurity program, you must account for the insider threat across the three main pillars of control: people, process, and technology.
Source: PKF O'Connor Davies
For more information on how our services can help your business get in touch.