Do you need to revisit your cybersecurity plan? That’s a valid question. This blog will cover recent changes to the FTC Safeguards Rule and what you need to know, based on your industry.
The FTC recently hosted a national forum, asked for public comments, and reviewed commentary from consumers and businesses. The result is a revised Standards for Safeguarding Customer Information, also often referred to as the Safeguards Rule.
In a nutshell, the rules require financial institutions within the FTC’s jurisdiction to have proactive measures that work to protect customer information and keep it secure.
Don’t be fooled when you read “financial institutions.” The actual umbrella of the Safeguard rules is much larger than it sounds–an entity is considered a “financial institution” if it’s engaged in an activity that is “financial in nature” or is “incidental to such financial activities.” So if you’re thinking that because my business isn’t a bank, I’m good, think again. The Rules may still apply to you. Here are some examples of institutions that would fall under the Rules:
If the answer to either or both of these questions is “no,” it’s time to take a closer look at what your organization is doing to prioritize cybersecurity. This new publication is an important reminder of the responsibility of financial institutions to ensure their business practices reflect current protocols and laws and address new security risks.
Additional information from the FTC:
If this blog has made you realize that it might be time for a cybersecurity update, good for you! Prevention is the name of the game when it comes to cybersecurity. At PK Tech, we work with small to medium-sized businesses in the Greater Phoenix Area to provide IT security assessments, ongoing support, and help on special consulting projects. To get in touch with our team, contact us here.