23 NYCRR 500 Cybersecurity Regulation

Cybersecurity vulnerabilities are a constantly growing concern, and it’s increasingly important for organizations to adopt formalized cybersecurity programs. Compromised information, whether in the hands of organized crime or rogue individuals, can seriously impact the security of employees, the company, and most importantly, customers. This growing threat presents a double challenge for organizations, which must manage…

HITRUST Common Security Framework (HITRUST CSF)

Due to the nature of the services they provide, healthcare organizations must adhere to strict risk management – and specifically, regulatory compliance – requirements. The multiplicity of healthcare requirements is a strong motivation for effective risk management, especially in conjunction with the sensitive nature and high number of patient records stored in electronic systems. Furthermore,…

Operational Risk Management

What is Operational Risk Management? Operational risk encompasses all risks faced by an organization during the course of its daily business functions. There are 5 main buckets of the root cause source of all operational risks: External - threats from people, entities, and environments outside the business, like financial markets and cyber attackers Processes -…