home.aspx
 
. https://www.alstonprivacy.com/ftc-announces-new-cybersecurity-requirements-privacy-rule-update/
blog article
FTC ANNOUNCES NEW CYBERSECURITY REQUIREMENTS, PRIVACY RULE UPDATE
In March, the Federal Trade Commission announced proposed updates to two key privacy and security regulations, the Safeguards Rule and Privacy Rule. Both rules implement regulations under the federal Gramm Leach Bliley Act, and the FTC seeks comments for both. The FTC’s proposed update to the Safeguards Rule would impose a number of information security requirements partially modelled off of New York’s Cybersecurity Regulations. These include requirements to: designate a Chief Information Security Officer, required to report annually in writing to the board of directors or equivalent body regarding the status of the institution’s information security; develop an information security program based on a written risk assessment; oversee service providers, including periodic risk assessments of the continuing adequacy of service providers’ safeguards; and develop a written incident response program. The new Safeguards Rule would require a financial institution’s information security program to include the following elements: access controls. READ MORE