Triad InfoSec has helped a wide range of organizations and associations with their GLBA compliance needs. We have helped organizations of all sizes, from the small bookkeeper to the multi-location CPA firm.
GLBA requires an incident response plan to be in place, and if you include it in your IT disaster-recovery (DR) or business continuity (BCP) plans, you can easily show examiners how the company will respond to the business disruption caused by a security breach such as data theft or a denial-of-service attack.
Cyberattacks aimed at accounting and financial firms are a relatively new and serious threat. Central to this trend is the fact that firms maintain an abundance of personal and financial information and serve numerous clients. Gaining access to a firm's client base and related information is the ultimate prize for cybercriminals, so hacking attempts are rising quickly. In fact, the IRS estimates that 3-5 firms per day are breached, their information now in the hands of cybercriminals.
These attacks can be mitigated and transferred through our triad of services: Technology, Training and Insurance.
In 1999, the Federal Trade Commission (FTC) enacted the Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999. While sophisticated cyber-attacks on accounting firms were rare at the time, the GLBA was enacted to protect consumers' private financial information and to govern the collection and disclosure of clients' financial information, primarily by financial institutions and others, including CPAs, accountants and tax professionals.
Since compliance with the GLBA is required, there are severe penalties for noncompliance. These penalties include imprisonment for up to five years, fines or both. A firm can be fined up to $100,000 for each violation, while officers and partners can be fined up to $10,000 for each violation.