CLARUS TECH PARTNERS

the clear choice

Cybersecurity & Data Privacy Compliance Solutions

 

Important Cybersecurity Regulation Updates During COVID-19: 

  • The New York State Department of Financial Services (NYDFS) has taken several steps in response to the COVID-19 pandemic and on March 12th released a compliance order and includes the following:  

    • NYDFS regulated entities may conduct licensable activities from their personal residences as long as the organization can maintain appropriate safeguards and controls with respect to data protection and cybersecurity.  However, entities may not conduct these same activities with members of the public from their personal residences.

    • The deadline for filing certifications of compliance with the cybersecurity requirements mandated by 23 NYCRR 500 17(b), as well as under transaction monitoring and filtering programs (under 3 NYCRR 504.4), are extended 45 days from the original due date.  Several other deadlines were extended as well, but missing from the list of reprieves is the requirement that the superintendent of the NYDFS is notified within 72 hours of a cybersecurity event covered by 23 NYCRR 500.17 (a).

  • ​On March 21, 2020, the data security requirements of the New York SHIELD Act became effective.  The Act, which amends New York’s General Business Law, represents an expansion of New York’s existing cybersecurity and data breach notification laws. 

  • California business community members are stepping up pressure on California's Attorney General Xavier Becerra to delay enforcement of the state's consumer privacy law, CCPA, arguing that the novel coronavirus pandemic has further complicated companies' efforts to get up to speed with their cybersecurity obligations.  However, the AG office recently said that they are committed to enforcing the law starting July 1st and "encourage businesses to be particularly mindful of data security in this time of emergency." 

  • Regarding GDPR, it is advised that organizations should consider undertaking a data protection impact assessment (DPIA) prior to collecting any personal data and/or and as much as it pertains to individuals' health, it would also fall within the sub-category of "special categories of personal data" (SCD) from individuals relating to COVID-19.

Today’s business environments are complex and the global economy has digitally connected businesses and customers in ways that help to move information, services and goods at lightning speeds.  This velocity of commerce and massive network of interconnectivity also means businesses are vulnerable to data breaches and intrusions on private data.

Clarus Tech Partners provides advisory, consulting and training solutions for data protection, data privacy, regulatory compliance, information systems, governance, and risk and compliance management for commercial, non-profit and government organizations.

 

Today’s business environments are complex and the global economy has digitally connected businesses and customers in ways that help to move information, services and goods at lightning speeds.  This velocity of commerce and massive network of interconnectivity also means businesses are vulnerable to data breaches and intrusions on private data.

Many new global data privacy laws have been or are in the process of being passed to address this growing problem of cyber attacks and to protect the individual’s rights to data privacy

Exposure to cyber risks should be a top priority for all business leaders today.  If you lose your data or are heavily fined for non-compliance, where will your business be? 

Affordable Compliance Tests & Assessments

  • Compliance does not need to be expensive for the small to medium sized business. 

Many business partners, clients, customers and regulatory agencies now require a penetration test or vulnerability assessment before they do business with your organization to ensure data regulations are followed and to protect their own data assets.

 

Comprehensive and attested compliance reports - discover potential risks and develop solutions for those risks.  Our detailed reports include an executive summary, remediation recommendations, IT remediation worksheet, severity level, and compliance status. 

Penetration Testing
Laptop Keyboard
  • Identify and exploit vulnerabilities by simulating real-world attacks to assess the security posture of your network

  • Detailed penetration report with CVSS scores and high, medium, and low vulnerabilities found and exploited with remediation guidance

GDPR Compliance Scan
gdpr compliance.png
  • Assess the security and integrity of your infrastructure to identify vulnerabilities against sensitive data and user information for General Data Protection Regulation (GDPR) compliance reporting requirements

  • Executive level and detailed technical report with remediation steps

Vulnerability Assessment
Forensics.jpg
  • Minimize the risk of a security breach by providing insights and guidance to properly secure your network

  • Executive level and detailed technical report with remediation steps for protecting against identified cyber risks detected during your vulnerability assessment

PCI Compliance Scan
PCI DSS Compliance sm.png
  • Fulfill PCI compliance reporting requirements for banks, card brands or other requesting entities you do business with and minimize the risk of compromise of cardholder data 

  • PCI data security scanning solution from our partner Approved Scanning Vendor (ASV) that meets all the PCI Security Standards Council requirements

We take a complete approach to your Data Security & Privacy Compliance. 

Technical - Legal - Organizational 

Clarus Tech Partners has a global team of legal, IT, cybersecurity and compliance experts to help your organization address your cybersecurity risks and data privacy compliance in the U.S., Europe and globally.

Clarus delivers clear solutions for your data security and compliance needs

Clarus Tech Partners provides cybersecurity and data compliance, including ISO, NIST, HIPAA, PCI, GDPR, CCPA, NYDFS, NY SHIELD assessments, consulting, training, and implementation solutions for small and medium-sized businesses in technology, financial services, real estate, healthcare, manufacturing & government.

Screen Shot 2018-09-12 at 6.40.22 PM.png
gdpr compliance.jpg
backboard.png