Finding Problems Before the Bad Guys: A Legal and Technical Discussion on Penetration Testing and Managed Security ServicesPDF Property Casualty Association of America (PCI) 29th Annual Western Region General Counsel Seminar
On Thursday, July 26 from 10:55 AM - 11:45 AM, M&R founding partner Mark Robinson and cybersecurity partner Scott Lyon participated in the panel presentation "Finding Problems Before the Bad Guys: A Legal and Technical Discussion on Penetration Testing and Managed Security Services."
The new cybersecurity regulations from New York’s Department of Financial Services (NY DFS) require annual penetration testing, biannual vulnerability assessments, and continuous security monitoring. But what does this mean for the average brokerage or agency? If security vendors find problems, how do you prevent those reports from being disclosed to opposing counsel following a data breach? Mark and Scott discussed how to structure a relationship with a managed security services provider to both satisfy your regulatory compliance obligations, as well as provided invaluable information to help you manage current threats in your environments and enhance the maturity of your InfoSec programs.