Ohio gets breach ready

On November 2, Senate Bill 220, known as the Ohio Data Protection Act, came into effect. The Act was signed by Ohio governor John Kasich back in August of this year. The Act is designed to legally incentivize organizations to implement cybersecurity programs.  

Organizations must implement a cybersecurity program that protects: 

  • The security and confidentiality of personal information 
  • Against potential threats or dangers to the security or integrity of personal information 
  • Against unauthorized access and obtaining personal information  

The organization’s program must also conform to one of the following frameworks: 

Achieving compliance with the Ohio Data Protection Act 

The NIST CSF is a voluntary framework primarily intended for critical infrastructure organizations to manage and mitigate cybersecurity risks based on existing standards, guidelines, and practices. However, the Framework has proven to be flexible enough to also be implemented by non-U.S. and non-critical infrastructure organizations. 

Learn how to implement the NIST CSF >> 

The ISO standards are set by the International Organization for Standardization, which promotes global industrial and commercial standards. ISO/IEC 27001:2013 (ISO 27001) is the international standard that describes best practice for an ISMS (information security management system). Complying with ISO 27001 helps your organization improve its information security practices.  

Check out our ISO 27001 solutions >> 

Get #BreachReady 

You can discover how to prepare for a data breach by visiting our #BreachReady page. We break the process down into six simple steps and recommend tools and services you can use to complete each task. 

Data Breach Assessment