Confidentiality, Integrity, and Availability
Maintaining public trust, ensuring compliance, and delivering results for your community with data security and privacy
Protect
Safeguard against known threats or risks to security of data and privacy.
Prevent
Proactive steps to reduce the likelihood of new and emerging threats occurring on your watch.
Prepare
A well-rehearsed and resourced plan in place to mitigate the effects of an attack.
Resiliency
Small investments in proactive planning, education, and key resources.
Recent Local Government Hacks in the news
Disruptive cyberattack at Texas city prompts push for emergency declaration
Source: SC MediaTotal exposure of information belonging to Texas' City of Mission following a cyberattack against its computer systems has led Mayor Norie Gonzalez Garza to declare a state of local disaster …
St. Paul, MN, was hacked so badly that the National Guard has been deployed
Source: Ars TechnicaHacking attacks — many using ransomware — now hit US cities every few days. They are expensive to mitigate and extremely disruptive.
Kansas Court Hack: Attackers Stole Sensitive Data From Systems
Source: Cyber Security NewsThe cyber incident impacted the information system used by the Kanas judicial branch. Kansas’s appellate courts and district courts throughout 104 counties are experiencing daily disruptions as a result of this attack …
Frameworks
Requirements can be difficult and costly especially for smaller practices.
HIPAA – The Health Insurance Portability and Accountability Act of 1996 sets standards for protecting sensitive health information, not just for doctors and health care organizations but all organizations that hold sensitive patent health information (PHI). HIPAA
GBLA – FTC Safeguards Rule – The Gramm-Leach-Bliley Act (GLBA) is a federal law that protects consumer financial privacy and requires financial institutions to disclose their information-sharing practices and safeguard sensitive data.
State Cybersecurity & Privacy Laws
Plan Well. Sleep Well.
Frameworks
There are a number for frameworks that local government and public service organisations may be required to comply with.
NIST CSF
The NIST Cybersecurity Framework (CSF 2.0) can help organizations manage and reduce their cybersecurity through completion of specific steps across the six functional areas of Govern, Identify, protect, Detect, Respond, and Recover.NIST 800-171
The NIST 800-171 provides federal agencies with recommended security requirements for protecting the confidentiality of CUI when the information is resident in non-federal systems and organizations.NIST 800-53
The NIST 800-53 publication is a catalog of security and privacy controls to protect information systems and organizations against various threats and risks.CIS
The CIS framework’s 18 controls focused on protecting your organization by strengthening cybersecurity defenses, mitigate risks, and protect against common cyber threats.SOC 2
Based on five trust service principles, the System and Organization Controls 2 (SOC 2) is a compliance framework that evaluates how organizations manage customer data based on: security, availability, processing integrity, confidentiality, and privacy.ISO 27001
ISO/IEC 27001 is a risk-based information security standard for establishing, implementing, maintaining and continually improving an information security management system.Plan Well. Sleep Well.
Contactual Obligations
Be aware of your requirements, both state and federal.
CJIS
Law enforcement and criminal justice agencies are required to meet Criminal Justice Information Services’ (CJIS) Security Policy requirements, guidelines, and agreements to protect Criminal Justice Information (CJI).Cyber Insurance
From coverage eligibility to ensuring the best price and ensuring compliance with policy terms, cyber insurance applications and policy terms set forth details security and privacy control requirements.PCI
Insuring compliance with Payment Card Industry (PCI) security standards that protect cardholder data during credit card transactions is a fundamental element of fiscal and data security management.Our Focus Industries
Our Team.
Work with experienced professionals, not chatbots.
We know you want the best advices, service and support, so we bring our global and multi-industry experience direct to your business. No chatbots, no junior staff, you work directly with the experts.
Benjii Creevey
Thomas Schultz
Ben Shapira
Michael Brooks
Jason Durrant
Steve Duckworth