Back in November of 2016 our first prediction for the new year was – 2017 Will be a Historic Year for US Cybersecurity Legislation – and already we are seeing legislation being enacted. The first regulation this year and probably one of many to come is New York’s Cybersecurity Legislation. After a string of major breaches, New York is taking action. This legislation mandates banks, insurance companies and other financial institution to have a cybersecurity plan in place to protect customer information.
Within the New York cybsecurity regulation is the requirement, “Implementing third-party information security policies,” (Sections 500.05-500.17) which happens to correlate with our #4 prediction – Organizations will be More Stringent on the Security of Their Third-Party Vendors and Collaboration Partners. This part of the regulation mandates an organization to either implement security protocols, or conduct an “audit” with their third-parties to maintain compliance. Protecting or auditing information that is in the hands of a third party could be a herculean effort to implement and maintain. A more streamlined and secure approach would be to implement a data-centric security strategy, that includes a Digital Rights Management solution. Rather than making sure the third-party is in compliance with all the security rules through audits, proactively protecting information sent to third parties with persistent usage controls would ensure sensitive information remains under the company’s control at all times.
Also, the next requirement in the legislation requires implementation of an audit trail. With Digital Rights Management, an audit trail of the file usage, as well as any unauthorized attempts to use the file would be tracked to uncover any suspicious activities with a third party.
Here’s the list of our Top 6 Data Security Predictions for 2017. To read the full version, download it here.
- 2017 Will be a Historic Year for US Cybersecurity Legislation
- Global Leader’s Will Take Steps Towards Establishing Standards for Cyberwarfare (InfoSec Geneva Convention)
- Hackers will Continue to Exploit the Weakest Link (Service Providers & Law Firms Beware…)
- Organizations will be More Stringent on the Security of Their Third-Party Vendors and Collaboration Partners
- InfoSec Teams Will Give Up On Perimeter Security, and Instead Adopt a Data-Centric Approach
- Data-Centric Security Solutions Will Become an InfoSecurity Fundamental, Joining the Ranks of Anti-Virus and Firewall Technologies