Having a comprehensive business continuity plan (BCP) in place will help ensure that your business doesn’t suffer any downtime in the event of a disaster, which may include natural disasters, such as floods, fire, weather-related events, and cyberattacks. If you’re not prepared, these disasters can have catastrophic consequences on your business, including loss of productivity, loss of revenue, as well as damage to your reputation and your relationships with your customers.

How much does it cost to become compliant with the Payment Card Industry Data Security Standard (PCI DSS)? It is challenging to put a number or an actual figure of becoming PCI compliant. The reason exact dollar amounts become a problem to predict is it depends on the size of the organization, whether they are eligible for the PCI Self Assessment Questionnaire (PCI SAQ), and the way they handle and store customer information.

Institutions of higher education (IHEs) are besieged by risk, especially cybersecurity and information security risk. Risk management for these institutions is critical but also extremely challenging, like trying to juggle balls and lighted torches all at once.

Today’s network and data security environments are complex and diverse. There are hundreds of pieces to a security system and all of those pieces need to be looked at individually and as a whole to make sure they are not only working properly for your organization, but also safe and not posing a security threat to your company and your data or the data of your customers.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law before the rollout of major social media sites such as Facebook, Twitter, and Instagram. And as such, there are no specific HIPAA rules for social media. However, some HIPAA laws and standards apply to the use of social media by health care organizations and their workers. Because of that, each health care organization must implement a HIPAA social media policy to decrease the risk of HIPAA violations.

Organizations are often left wondering what is the difference between a certification granted by representatives of the Payment Card Industry (PCI) and that of obtaining compliance.

Dr. Maxine Henry, one of Reciprocity’s renowned GRC experts, led a webinar on the California Consumer Protection Act (CCPA). This sweeping legislation creates data privacy rights for covered consumers—which means it also imposes obligations on businesses to safeguard personal information. Before implementation on January 1, 2020, Dr. Henry discusses how to prepare.

The Sarbanes-Oxley Act of 2002 (SOX) is a law that implements regulations on publicly traded companies and accounting firms. SOX was created to improve the accuracy and reliability of corporate disclosures in financial statements and to protect investors from fraudulent accounting practices.

Organizations face an increasing number of compliance metrics. Risk management is of paramount importance and is feeding the need for governance. Terms like PCI DSS and NIST CSF are two frameworks that help enhance data security and manage risk. Often, it is the confusion on where businesses need to start that prevents them from taking action at all.