Cybersecurity and Privacy Compliance

Key industry sectors continue to raise the cybersecurity bar for their covered entities by developing increasingly demanding standards and operational expectations around cybersecurity and privacy. Governments are beginning to follow the lead of the EU’s General Data Protection Regulation (GDPR) to toughen privacy requirements and sanctions. Ankura expects compliance regimes to grow stronger and penalties to become more punitive. Understanding organizational cybersecurity and privacy compliance should be the concern of chief compliance, privacy and risk officers, general counsels, internal audit, and board audit, risk and compliance committees, especially for regulations that require personally signed certifications of compliance and that could trigger cybersecurity directors’ and officers’ liability.

Ankura’s cybersecurity, privacy and data governance professionals provide expert independent assessments of clients’ compliance with, and audit readiness for, many of the most pervasive standards and regulations in key industries. We provide practical, no-nonsense roadmaps toward compliance validation and certification around these and other requirements:

  • 23 NYCRR Part 500 (New York State financial services regulation) and other state implementations of the NAIC Model Law
  • HIPAA security and privacy, OCR audit readiness, and meaningful use
  • GDPR and sovereign data privacy regulations
  • PCI-DSS audit readiness
  • ISO 27001
  • NIST 800-171 (FARS and DFARS guidance)
Get in Touch
Scott Corzine
Senior Managing Director
Robert Olsen
Senior Managing Director
Ankur Sheth
Senior Managing Director