Why a WISP Is Important For Your Company

A Written Information Security Program (WISP) is documentation that describes the security controls, processes, and policies of an organization. In addition, a WISP is a roadmap for an organization's IT security that is required by law in several states.

A Written Information Security Program is intended to provide your organization with solid security procedures that not only reduce the likelihood of a breach but also limit your liability if one occurs.

Do You Have a WISP? (Written Information Security Program)

Michigan adopted a strict cybersecurity protocol for insurers licensed in the state. It sets out a standard to protect the non-public personal information of clients, customers, employees, contractors, and anyone else who gives private information to your business. One key part of the law is the requirement that insurers have a Written Information Security Program (WISP). Find out what’s included, and why you need it.

Michigan Sets Cybersecurity Standard for State Insurance Industry

For the past year, Michigan law has required insurers doing business in the state to put the cybersecurity needs of their customers first. By adopting a version of the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law, the state became the fifth in the nation to prioritize consumers’ personal security.

How to Make Your Company Website GDPR Compliant

You’re ready to start selling your products overseas, or maybe you already are. But the idea of violating the European Union’s internet privacy law is intimidating. Can your small business meet the EU’s demands? What do you need to do to make your company website GDPR compliant so you can do business internationally?

How Your Website Can Kill Your PCI Compliance

PCI compliance can intimidate business owners. When credit card transactions occur online it can feel like anything that happens is out of your hands – it is up to merchant service providers to make sure you are secure. In fact, your own website can kill your PCI compliance and put your customers’ personal data at risk.