Compliance & Regulatory Audits

GLBA Compliance Assessment

In the financial industry in 2010, 95 data breaches were reported to the Privacy Rights Clearinghouse, exposing 6.3 million records of depositors, clients, employees and other stakeholders. Periodic GLBA assessments are a requirement, not just for compliance but for sound business practice as well. SECNAP Network Security has been a trusted partner to the financial community since 2001. By leveraging our comprehensive portfolio of services, CIOs and CISOs, network and IT managers have been able to dramatically reduce vulnerabilities and enhance protection for their sensitive customer data.

The SECNAP GLBA audit identifies compliance and security vulnerabilities before they have a chance to become breaches by leveraging industry-leading tools and expertise. In addition to extensive hands-on experience, our professionally certified network security auditors employ a complete tool kit in order to evaluate risk in your organization and make practical recommendations for remediation. Tools may include automated testing, personnel interviews, policy reviews, procedural and process evaluations, in-depth analysis and more.

The most significant benefit of a GLBA Assessment is the peace of mind you’ll gain knowing that Gramm-Leach-Bliley Act requirements have been met, as well as those suggested by the Offices of Thrift Supervision and Comptroller of the Currency. The SECNAP GLBA audit will also:

  • Create a GLBA compliance benchmark for your organization, or provide a fresh third-party benchmark.
  • Identify strengths and weaknesses of current security practices, especially those protecting Non-Public Personal Information.
  • Prioritize exposures according to level of risk, so that IT can address them conveniently.
  • Deliver remediation recommendations consistent with compliance regulations, corporate policy, and best practices in the financial industry.
  • Provide a repeatable methodology to facilitate periodic GLBA audits.
  • Prevent your organization from becoming a Privacy Rights Clearinghouse statistic.

Failure to comply with regulatory standards can result in the exploitation of vulnerabilities by hackers and other cybercriminals. Identities may be stolen and sensitive or private information abused for malicious profit. Data breaches have far-reaching impacts, and in 2010 cost the average U.S. organization $7.2 million per breach in terms of remediation, notification and customer churn, according to the latest Ponemon Institute study.