The Federal Trade Commission is seeking to ramp up mandated cybersecurity efforts for financial institutions by altering the Gramm-Leach-Bliley Act’s Safeguards Rule, which requires financial institutions to develop, implement and maintain a comprehensive information security program.
“People are not generally doing what we would consider risk assessments,” said Chris Cronin, a partner at HALOCK Security Labs. “Instead, they’ll have an auditor come in and run an audit.”