Are there any recent changes or updates in privacy and compliance regulations that have impacted your role? How have you adapted to these changes?

126 views1 Upvote1 Comment

Sort by:

General Counsel2 years ago

The truth is that privacy and compliance regulations change constantly, so you need to be flexible. We typically address those through changes in our work plan. The federal government has spent a lot of time during the COVID pandemic especially rolling out these new telehealth enforcement initiatives, so we've obviously tried to address risks like that through the work plan. Technology changes so quickly that it’s almost impossible to simultaneously keep up with all the risks out there. With the explosion of technology comes the explosion of different attacks from bad actors. Part of our job is to ensure that those bad actors don’t get access to our network with patient records which has driven me to be more focused on ensuring we are prepared to have the right people, processes, and technology in place to protect the organization.

Content you might like

How long does your organization retain original systems logs used to filter SOX-related actions into a system that requires review of the logs and retains the filtered logs for seven years? Does your organization consider those original system logs records subject to record retention requirements, or supporting information used to create the SOX records?

90 Days13%

365 Days41%

3 years28%

5 years9%

7 years9%

Other (share in the comments)

View Results

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Do folks think the impact of the social media addiction cases in the state court JCCP and MDL N.D. California will be far and wide, seeping into insurance industry changes as well as technological, or will Section 230 save the day once more for platforms?

The case will settle; zero to minimal impact70%

Yes! But effects and repercussions are unknown30%

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Are there any recent changes or updates in privacy and compliance regulations that have impacted your role? How have you adapted to these changes?

Sort by:

Content you might like

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Do folks think the impact of the social media addiction cases in the state court JCCP and MDL N.D. California will be far and wide, seeping into insurance industry changes as well as technological, or will Section 230 save the day once more for platforms?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Which key pentesting capability do current AI-driven vendor solutions most fail to cover?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go