The new Safeguards Rule mandates nine requirements to help make your business defensible against cyberattacks that may leave your financial data at risk, and the deadline is quickly approaching.
3/14/2022 10:30 A.M.
That deadline is June 9, 2023, and with only three months left to become compliant, TPx can provide solutions to help your business become defensible.
We know that so many new requirements are overwhelming, and that’s why we suggest getting started right away.
ACA International has tapped TPx as its Safeguards Security Partner of Choice. Here’s how we would tackle some of the Safeguards Rule requirements.
- Identify an organization to head up your cybersecurity program. If you don’t have a qualified individual to own the program, TPx can act as the owner of your program. TPx can define, create, maintain and report on the program per FTC Safeguards Rule definition.
- Conduct a written risk assessment. Using the industry-standard NIST 800 series best practices, TPx security consultants will review and identify areas of compliance, areas of adjustment, and areas of creation needed per the Safeguards Rule. The report from the best-practice review will be provided to you and used to help you become defensible under the Safeguards Rule. The results of the annual Risk Assessment are further used to inform the formation and ongoing oversight of the security program, policies, and processes. It provides a roadmap for program improvements based on a quantitative evaluation of risk across the environment.
- Train staff in security awareness. Boost your user security by reinforcing employee best practices with Security Awareness Training and Managed Inbox Detection and Response provided by TPx.
- Prepare for potential cyber-attacks. All qualifying organizations must perform an annual Penetration Assessment, and a vulnerability scan of their environment twice a year. TPx can perform penetration and vulnerability scans to identify vulnerabilities and provide recommended mitigations. Upon implementing recommended changes, TPx would perform a validation scan to ensure the customer has remediated the defined risks.
These are just some examples of what TPx can provide your business to help mitigate risks and become defensible. Our offerings are based on the best practices derived from Information Security Standards.
Combined with our extensive experience deploying, architecting, operating, and securing environments nationwide, you’ll find the industry’s best solutions packaged into one fully managed or co-managed service.
The penalties for non-compliance are harsh. You may be fined up to $100,000, so it’s worth going through each requirement, step by step, to make sure you’re covered. We can help you create, maintain, and even own your cybersecurity program.
Contact us at TPx.com/ACA to start preparing without the stress and hassle of trying to do it in-house.