The following article was written by John Carbo, Director of Information Security at Abacus Group, and originally appeared on MarketsMedia. 

In the past, cybersecurity responsibilities at investment firms might have been left to the compliance department. In 2017, the New York Department of Financial Services (DFS) mandated that “senior management must take this issue seriously and be responsible for the organization’s cybersecurity program.” The firm is still responsible when it uses a third-party IT service provider.

The following article was written by Jonathan Bohrer, CFO at Abacus Group, and originally appeared on Corporate Compliance Insights.

Addressing the human factor of cybersecurity

Most organizations’ security and data protection efforts are seriously lacking – particularly when it comes to the human element. Abacus Group’s Jonathan Bohrer outlines three components of a successful cyber compliance program: education, protection and monitoring.

The following originally appeared on SC Magazine UK, contributed by Paul Ponzeka, CTO at Abacus Group.

Fact and fiction - a summer reading list for pros and others interested in cyber-security to help enlighten, educate and entertain, and while they may be from a US perspective, the lessons are international.

Often, fact is stranger than fiction. Cyber-security professionals know that for sure. So, for a summer reading list pros and others interested in cyber-security may be interested in these books to help enlighten, educate and entertain, and while they may be from a US perspective, the lessons are international. 

By Todd Avery, Manager of Information Security at Abacus Group

Throughout the year, we send members of our dedicated security information team to industry conferences, so they can continuously gain insights into the latest threats and best practices in cybersecurity. Most recently, several members of our team attended the 2019 Cyber Security Summit in Dallas, Texas. Hosted in different cities each year, the purpose of this particular event is to bring together cybersecurity professionals to discuss the newest technologies and trends taking place in the cybersecurity world.

By John Carbo, Director of Information Security

The SEC OCIE published a risk alert recently entitled “Safeguarding Customer Records and Information in Network Storage – Use of Third Party Security Features” which contains three main observations:

• Misconfigured network storage solutions.
• Inadequate oversight of vendor-provided network storage solutions.
• Insufficient data classification policies and procedures.

Our AbacusFLEX and AbacusFLEX-Hybrid platforms are designed to meet or exceed regulatory security requirements by following policies and procedures set forth by NIST, COBIT, ISO, Center for Internet Security and the Cloud Security Alliance. 

Here is how Abacus addresses the OCIE Risk Alert’s observations:

January 28 is Data Privacy / Protection Day. Abacus Group is an official Data Privacy Day Champion. In addition to the infographic below, be sure to check out our post with data privacy tips and tools. #PrivacyAware