From NSTIC to Improved Cybersecurity: U.S. Government Updates ICAM Policy

From NSTIC to Improved Cybersecurity: U.S. Government Updates ICAM Policy

/ / ICAM, IDESG, legal, NIST, NSTIC, OMB
The following article, authored by Michael Magrath, Director, Global Regulations & Standards, first appeared 4/13/18 on CSO Online. Seven years ago, the Obama Administration published the National Strategy for Trusted Identities in Cyberspace (NSTIC). NSTIC called for an Identity Ecosystem, “an online environment where individuals and organizations will be able ... Read More
Financial Services Cybersecurity: NY DFS & NIST Align on Multi-factor Authentication

Financial Services Cybersecurity: NY DFS & NIST Align on Multi-factor Authentication

The following article, authored by Michael Magrath, Director, Global Regulations & Standards, first appeared 2/28/18 on CSO Online. The New York State Department of Financial Services (DFS) regulates over 1,400 insurance companies and approximately 1,500 banks and financial institutions1. Not surprisingly, with New York being the “financial capital of the ... Read More
Stolen Credentials on the Dark Web: A Wake Up Call for Organizations Using KBA

Stolen Credentials on the Dark Web: A Wake Up Call for Organizations Using KBA

Recent news accounts of security researchers discovering a database containing 1.4 billion breached credentials — reportedly, the largest such find on the Dark Web — is yet more evidence that online identity proofing that relies only on KBA (knowledge based authentication) and static passwords is no longer fit-for-purpose. The level ... Read More
GDPR

Privacy Laws: Who Owns Personal Data?

Who owns your data, and what privacy laws govern it? Well, that depends on where you live. If you own it, you should have control over it. If you don’t own it, how secure is it? Recent data breaches that affected the majority of Americans have began a national dialogue ... Read More
NYDFS Cybersecurity Regulation Affects Insurance & Finserv Sectors

NYDFS Cybersecurity Regulation Affects Insurance & Finserv Sectors

Earlier this year, the New York State Department of Financial Services (NYDFS) significantly increased the cybersecurity requirements for any financial services company doing business in the state. Given that New York City is the “Financial Capital of the World”, there are few organizations unaffected by the Cybersecurity Requirements for Financial ... Read More
Why Telehealth Needs Secure Patient Identification Practices

Telehealth Needs Secure Patient Identification Practices: What I Found Out From My Telehealth Experience

I recently registered as a patient on a leading telehealth provider’s website. I was very surprised around the lack of identity assurance. The only verification requested was my insurance card and I had the option of skipping that step since insurance is not a prerequisite for service. WOW! In an ... Read More