CyberCecurity LLC’s new WISPP helps companies build and manage cybersecurity and privacy programs that are aligned with the NIST Cybersecurity Frameworks
DENVER, CO, UNITED STATES, February 5, 2020 /EINPresswire.com/ — CyberCecurity LLC announces the launch of its new Written Information Security and Privacy Program (WISPP).
Both historically and in some states in order to be compliant, cybersecurity programs needed to contain a Written Information Security Program or WISP document as an integral part of the program. The WISP is the strategic governance document for your cybersecurity and privacy program.
The NIST Cybersecurity Framework (CSF) category ID-GV establishes the requirement for the WISP, which helps management and IT teams understand and implement cybersecurity in the organization. It is the primary governance document related to the cybersecurity program. The WISP informs management about the policies, procedures, and processes to manage the organization’s regulatory, legal, risk, environmental, and operational requirements.
CyberCecurity, LLC, a national, full-service cybersecurity and privacy company headquartered in Denver, CO announces the upgrade of its WISP (Written Information Security Program) document into the WISPP (Written Information Security and Privacy Program) document. Note that privacy is now automatically included.
Asked why CyberCecurity LLC is upgrading to a WISPP at this time, CyberCecurity Managing Partner Ray Hutchins responded, “The release of the NIST Privacy Framework makes it official…cybersecurity and privacy are joined at the hip. Both NIST standards (CSF and PF) are about protecting data. Since all our risk assessments now include both cybersecurity and privacy, it is only natural to upgrade our WISP to include privacy….therefore the launch of the new Written Information Security and Privacy Program (WISSP). All professional organizations will follow our lead shortly.”
CyberCecurity LLC partner Mitch Tanenbaum added, “It should be noted that the International Standards Organization (ISO) refers to this document as an Information Security Management System (ISMS) and various Department of Defense agencies refer to it as a Security System Program (SSP). While these and other organizations may use somewhat different nomenclature to refer to this document, they all have the same purpose. We can expect the ISO and DoD to upgrade their terminology to include privacy as well.”
While CyberCecurity LLC is a full-service cybersecurity and privacy firm, it has always placed a particular emphasis on strategic cybersecurity and privacy governance issues.
Tanenbaum says, “Cybersecurity and privacy have always been business issues more than IT issues. Until management correctly understands and commits to dealing with cybersecurity and privacy risks as business issues, nothing of value will occur at the operational level. Once management gets the picture and commits, then our new WISPP document becomes a critical governance tool.”
CyberCecurity, LLC’s WISSP is typically part of a larger package of cybersecurity and privacy governance documents which include various programs, policies, and procedures. All these documents are fully aligned with the NIST CSF and the NIST PF in order to create a coherent and coordinated program.
About CyberCecurity LLC
CyberCecurity LLC is a full-service, nationally recognized cybersecurity company headquartered in Denver, Colorado.
Please visit: https://www.cybercecurity.com/wispp for more information about our Written Information Security and Privacy program.
email us here
Source: EIN Presswire