While the Cybersecurity Regulations require several technical controls (e.g., monitoring network activity and implementing multi-factor authentication and encryption), most of the requirements involve instituting information governance (“IG”) practices and structures to manage cyber risks. In the following, we set out five steps which address the key IG issues and requirements that can help your organization come into compliance with the Cybersecurity Regulations.
The information in any resource collected in this virtual library should not be construed as legal advice or legal opinion on specific facts and should not be considered representative of the views of its authors, its sponsors, and/or ACC. These resources are not intended as a definitive statement on the subject addressed. Rather, they are intended to serve as a tool providing practical advice and references for the busy in-house practitioner and other readers.