The Gramm-Leach-Bliley Act (GLBA) applies to many types of financial institutions, like banks, savings and loans, credit unions, insurance companies and securities firms. It requires those organizations to explain their information-sharing practices to their customers and to protect sensitive data. On November 15, 2022, The FTC announced a six-month extension for companies to comply with data security provisions in the GLBA. The new deadline is June 9, 2023.
The provisions affected by the six-month extension include these requirements:
- designate a qualified individual to oversee their information security program
- develop a written risk assessment
- limit and monitor who can access sensitive customer information
- encrypt all sensitive information
- train security personnel
- develop an incident response plan
- periodically assess the security practices of service providers
- implement multi-factor authentication for any individual accessing customer information
How Sedara Can Help You with GLBA
Sedara is a premier provider of information security services focusing on Compliance, vCISO, Risk Assessments, SIEM, EDR, and penetration testing. We know that it takes an innovative and flexible approach to provide meaningful, value-added security services to today’s businesses or organizations. By working with Sedara on your cybersecurity program, your organization will have the benefit of an experienced and dedicated cybersecurity team.
Contact Sedara today if you need help implementing GLBA or any other compliance requirements.