Core Advisory
Risk Transformation
Enterprise Security Architecture
Cyber Defense and Incident Response
Emerging Technologies & AI
AUSTIN, Texas, Jul. 12, 2016 – Edgile, a leading security and risk consulting services firm, today released its Q2CY16 GRC (Governance, Risk and Compliance) Content report that provides regulatory updates to customers across a range of industries and examines significant data breaches in Q2. This report informs customers about new laws and regulations affecting them – covering PCI DSS, GLBA, HIPAA and more – so they can remain compliant and better protect against cyberattacks.
Ransomware attacks such as CryptoLocker and CryptoDefense are becoming more frequent and sophisticated. These attacks run executable code that secretly encrypts key files on an infected device before displaying a “ransom” note demanding payment (usually in Bitcoin or other e-currency) in order to decrypt the files via a private key. For instance, the University of Calgary recently paid almost $16,000 to recover data held hostage by hackers. Earlier this year, Hollywood Presbyterian Medical Center paid 40 bitcoins (about $17,000) in order to have its compromised systems restored.
“Companies who remain compliant and up-to-date on constantly changing requirements are less likely to experience data security breaches,” said Don Elledge, CEO of Edgile. “The latest edition of our report includes new controls and requirements that impact our customers.”
The Q2CY16 report includes significant changes that affect businesses such as new controls in existing PCI DSS requirements and new provisions imposing duties on service providers to detect and report on failures of critical security control systems. The report also covers a set of security controls created by the Cloud Security Alliance (CSA) to help businesses assess the risks associated with a cloud computing provider.
How to Subscribe
Edgile maintains its own database of industry-specific harmonized laws and regulations known as the Edgile GRC Content Library, which is available on a paid, quarterly subscription basis to help clients address their compliance and regulatory requirements. This database is maintained by Edgile compliance experts in PCI DSS, Sarbanes Oxley, FFIEC, GLBA, FRB Reg A-YY, HIPAA, Privacy, FDA, NERC CIP and more. It monitors federal regulatory amendments and state privacy laws, including new state sources for personal information protection, security breaches, data sharing, identity theft and notification.
By subscribing to the Edgile GRC Content Library, clients effectively shift the burden of staying on top of regulatory complexity to Edgile. Companies interested in subscribing should contact: iGRC@edgile.com. The GRC Library is easier to implement and maintain than other options and integrates with existing client resources such as policies, standards and SOX interpretation. Annual subscriptions are available for the following industries:
- Financial Services
- Healthcare
- Life Sciences
- Retail
- Government
- Manufacturing
- Energy and Utilities
- Gaming (MICS)
About Edgile
Founded in 2001, Edgile provides strategic security and risk consulting services to Fortune 500 companies. Edgile’s stellar reputation is built on high quality services, leading-edge practices, and a focus on the most challenging security issues.