Security Assessments Gain Traction As Privacy Law Grows

SECNAP Network Security Sees Uptick in Privacy Compliance Audits and Security Assessments

Boca Raton, Fla. – December 22, 2010 – Privacy legislation continues to gain traction and new laws are anticipated in 2011, causing many clients to accelerate their security assessment schedules and expand the types of security audits they are undertaking. SECNAP^® Network Security provides security consulting services and has witnessed a substantial uptick in these activities as well as in managed network security including intrusion detection and intrusion prevention services.

SECNAP reports that its security and compliance assessment business is up 40 percent over last year and its network intrusion detection and prevention (IDS/IPS) business has more than doubled.

Protecting information networks from unauthorized access demands a 24/7 commitment, and navigating the maze of federal and state regulations can be a daunting task for organizations whose core business is not network security or information privacy.

“There are ten federal laws I can think of, off the cuff, that govern data privacy. HITECH is probably the most definitive,” said Michael Scheidell, chief technology officer for SECNAP. “The Fair Credit Reporting and Equal Credit Opportunity Acts, Gramm-Leach-Bliley, Privacy Act, Right to Financial Privacy Act, Cable Communications Policy and Driver’s Privacy Protection Acts, even the Paperwork Reduction Act have provisions protecting personally identifiable information or PII. And then there are state statutes governing information privacy, including recent laws in Nevada and Massachusetts.”

No doubt there will be new security and privacy wrinkles stemming from the Dodd-Frank Act, and possibly from the pending Data Accountability and Trust Act (DATA) as well.

”The sheer volume and complexity of privacy regulation is probably one reason we’re seeing greater demand for compliance and security assessments and remediation support,” said Scheidell. “Another factor is resource limitations.”

There is sharp tension between caution and optimism in the current economy, and between preserving cash and safeguarding the business, according to a survey of 12,840 C-level and information technology executives by PricewaterhouseCoopers, CIOMagazine and CSO Magazine. Full survey results are reported in the 2011 Global State of Information Security Survey.

Organizations want to apply best practices, comply with the provisions that affect them, and secure their sensitive information, but it can be a bit overwhelming. “We provide expert guidance to help identify areas where they can experience the greatest return on investment,” said Scheidell. “We also develop strategic audit schedules, and provide remediation assistance, to enable them to do more with fewer resources.”

About SECNAP

SECNAP Network Security develops information security solutions that enable the secure conduct of business and e-commerce. The company’s award-winning SpammerTrap Email Security and Managed Network Security solutions ensure unrivaled 24/7 protection of client information assets. The company’s email encryption solution is among the finalists for the 2011 Global Excellence Awards sponsored by the Information Security Products Guide. An extensive portfolio of information Security Services includes external penetration testing, HITECH, HIPAA, GLBA, ISO and other compliance assessments, web application and wireless assessments, social engineering testing and more. Visit www.secnap.com.