The FTC Safeguards Rule applies to more businesses than most expect – and compliance requires more than most have documented. FTC Safeguards Rule compliance is an active federal obligation for any organization that qualifies as a financial institution under the Gramm-Leach-Bliley Act – a category that is considerably broader than it sounds. The rule is … Read more
The 2024 SEC Regulation S-P amendments changed what registered investment advisers are required to maintain. SEC Regulation S-P investment adviser cybersecurity obligations changed significantly with the amendments that took effect in 2024. For registered investment advisers, SEC Regulation S-P compliance requirements 2024 now include a written incident response program, a defined capability to notify affected … Read more
Where most dealership compliance programs end is where the FTC’s 2025 guidance expects them to begin. FTC Safeguards Rule auto dealership compliance has been a legal obligation for dealerships arranging or facilitating consumer financing since June 2023. What changed in June 2025 is that the FTC released its first set of Frequently Asked Questions specifically … Read more
Compliance vs security is one of the most misunderstood distinctions in modern IT environments. Compliance creates comfort.Security creates resilience. The two are often conflated, largely because compliance is visible. It produces reports, checklists, attestations, and passing scores. When an organization can demonstrate that it meets required standards, it feels reasonable to conclude that risk is … Read more