Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When a leading financial technology provider began posting record success and rapid customer growth, it needed a holistic security strategy to protect its customer data and comply with regulations such as the Payment Card Industry Data Security Standard (PCI DSS) and the California Consumer Privacy Act (CCPA).

It’s 3pm on a Wednesday, and you’re really just done with the week already. You hear that “ping” from your Slack and know that you set notifications for direct messages only, which means, ugh, you have to pay attention to this one. It’s your boss, and she’s telling you to check your email. Then you see it, the dreaded audit documentation request. This will take you the rest of today and most of tomorrow.

Cyber security risks have never been more apparent and costly. According to the survey data, the average cost to the U.S. organizations that experienced a cybersecurity breach in 2020 was approximately 8.64 million dollars per incident, up almost a half-million dollars from 2019. Rates of cyber security attacks and identity theft have significantly increased and seem to be only becoming easier for hackers and cybercriminals.

Broadly speaking, an information security program is a set of activities and initiatives that support a company’s information technology while protecting the security of business data and enabling the company to accomplish its business objectives. An information security program safeguards the proprietary information of the business and its customers. The Gramm-Leach-Bliley Act (GLBA) has a more specific definition of what a security information program should entail.

Compliance is a key part of any organisation and in business terms, it is about ensuring companies of all sizes and their employees comply with existing national and international laws. In the UK the Companies Act 2006 is the main legislation that forms the primary source of company law and businesses of all sizes must ensure they adhere to it to remain compliant.

The Gramm-Leach-Bliley Act (GLBA) aims to protect consumer financial privacy with three provisions: the Financial Privacy Rule, the Safeguards Rule, and the Pretexting Provisions. In our previous post, we covered the GLBA Financial Privacy Rule and what financial institutions, as defined by the GLBA, need to know to be compliant.

Today, Calligo announced that we have partnered with BigID. The BigID data intelligence platform enables organizations to know their enterprise data and take action for privacy, security, and governance. This partnership will enable Calligo to provide clients with the ability to proactively discover, manage, protect, and gain more value from their regulated, sensitive, and personal data across their data landscape.