combsandco


Feature Friday with DYKT? Snippets

“Fall down seven times, stand up eight.” Japanese Proverb

Resilience is a foundational component of human nature and business.  The ability to get up sometimes is all that separates the successful from the also-rans, because getting knocked down is unavoidable in many instances.  Like cyber.

The phrase du jour about cyber is, it’s not if but when you’ll experience a cyber event.  Unfortunately, this is not hyperbole; it’s 99.782% fact, especially for businesses.  So what’s a business to do?  Get resilient.

DYKT? Snippets Ep. 3 touches on cyber resiliency, cyber risks, and where cyber insurance fits into the picture.  The five videos take less than 20 minutes but could prove invaluable in preparing your business for the inevitable.

Music: “Camaro” by Oliver Michael via Artlist



Feature Friday with Rebecca Rakoski

“No longer are technology and cyber issues confined to tech geeks in some backroom. In the digital age, IT issues are front and center.”  Will Hurd

Episode 2021:17

During my 25+ years in and around technology, the most common refrain from those on the business side of a company when it came to cyber was, “It’s an IT problem.”  That is not the case any longer.  Your IT folks have to be involved in the discussion, but cyber is most definitely a business problem now.  Don’t believe me?  Maybe my next guest on Did You Know That? can convince you.

Rebecca Rakoski is a founding partner of XPAN Law Partners, a practice primarily dedicated to its clients’ cyber welfare.  Our conversation focuses on what that means for businesses, some best practices required to stay in “compliance,” and a host of other elements of a cyber program.

Website: https://xpanlawpartners.com/

LinkedIn (personal): https://www.linkedin.com/in/rebecca-rakoski-esq-1460b116/

LinkedIn (firm): https://www.linkedin.com/company/xpan-law-partners/

Twitter: @XPANLawPartners

Email: rrakoski@xpanlawpartners.com



Feature Friday with DYKT? Snippets

“The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: Cybersecurity is much more than an IT topic.” Stephane Nappo

And now Part 2 of the 2-part premiere of DYKT? Snippets.  We’re closing out the conversation about the New York State Department of Financial Services (NYSDFS) Part 500 cyber regulations.  Be sure to watch Part 1 before diving into these videos.

For context, here are some links for the regulations & the actual requirements:

Who NYSDFS Supervises: https://www.dfs.ny.gov/who_we_supervise

NYSDFS Industry Definitions: https://www.dfs.ny.gov/institution_definition

NYSDFS Cybersecurity Resource Ctr: https://www.dfs.ny.gov/industry_guidance/cybersecurity

Regulation Sections:

500.02 – Cybersecurity Program

500.03 – Cybersecurity Policy

500.04 – Chief Information Security Officer (exempt)

500.05 – Penetration Testing & Vulnerability Assessments (exempt)

500.06 – Audit Trail (exempt)

500.07 – Access Privileges

500.08 – Application Security (exempt)

500.09 – Risk Assessment

500.10 – Cybersecurity Personnel and Intelligence (exempt)

500.11 – Third Party Service Provider Security Policy

500.12 – Multi-Factor Authentication (exempt)

500.13 – Limitations on Data Retention

500.14 – Training and Monitoring (exempt)

500.15 – Encryption of Nonpublic Information (exempt)

500.16 – Incident Response Plan (exempt)

500.17 – Notices to Superintendent

Music: “Camaro” by Oliver Michael via Artlist



Feature Friday with Judy Selby

“Rather than fearing or ignoring cyberattacks, do ensure your cyber resilience to them.” Stephane Nappo

Episode 2021:13

In a few decades, historians will write tomes explaining how the world evolved into its current state based on the 366 days that made up the year 2020.  Among the explanations will be lessons learned during the intervening years and the mistakes repeated.  Those in the technology arena don’t have the luxury of learning lessons over time or of repeated mistakes.

The next guest on Did You Know That? knows the perils of technology, but she’s more interested in how companies protect themselves from those perils.  Judy Selby is an attorney, with a specialty in cyber insurance (a subject with which I’m familiar).  Our conversation is about how businesses prepare for the inevitable cyber event and how they can thrive after being hit.  This is a must watch/listen.

Find out more about Judy and her expertise via the links below:

LinkedIn: https://www.linkedin.com/in/judyselby/

Hinshaw website: https://www.hinshawlaw.com/professionals-judith-selby.html

Music: “Caution” by Skrxlla via Artlist