Log In

Reset Password
BERMUDA | RSS PODCAST

Effort to improve cybersecurity and privacy standards

First Prev 1 2 3 Next Last
Alexander White, the Privacy Commissioner for Bermuda (File photograph)

The Office of the Privacy Commissioner is working with a UK-based organisation to help prepare organisations for compliance with privacy rules.

The IASME Consortium has developed governance standards relating to cybersecurity and assurance.

PrivCom said IASME is committed to helping businesses improve their cybersecurity, risk management, and good governance through an effective and accessible range of certifications.

The non-financial collaboration between PrivCom and IASME will support the development of a Bermuda-specific component of the cyber assurance and privacy standard to help organisations certify their compliance with the Personal Information Protection Act.

PrivCom said this certification tool will help organisations test and demonstrate their privacy and security practices by providing a framework for compliance with requirements and best practices.

IASME’s certification mechanism allows organisations to self-certify or to engage with a trained assessor to evaluate the organisation and provide a third-party certification.

To support the growth of data privacy and cybersecurity expertise in Bermuda, IASME will offer local training to individuals interested in becoming assessors for certification standards.

This two-day training will take place in July and will be facilitated by IASME trainers visiting Bermuda. The Association of Bermuda Insurers and Reinsurers is to sponsor the venue for this cohort.

In July, IASME and PrivCom will also co-ordinate a virtual event for introductory meetings and interviews between the UK-based certification bodies and local, trained assessors.

There is an opportunity for trained Bermudian assessors to work both locally and abroad with current IASME certification bodies in the UK, US and Europe.

The groups plan to continue the Bermuda assessor training twice per year.

In addition, IASME aims to support the Bermuda data privacy and cybersecurity industry by inviting Bermudian organisations to become an IASME certification body.

Such bodies are expert cybersecurity organisations with registered assessors licensed to certify an organisation’s practices against IASME cybersecurity schemes, including IASME cyber assurance.

The bodies help organisations understand the assessment questions and prepare for certification.

Another virtual meet-and-greet is planned for Bermuda-based organisations to learn more about certification bodies and to discuss potential partnerships with UK entities.

PrivCom and IASME will work together this year to introduce any custom changes needed to the certification programmes to help organisations evaluate Bermuda-specific components of laws such as PIPA and other guidance.

About the engagement, Privacy Commissioner Alexander White said: “This project will give all Bermudian organisations a framework to understand and explain their privacy and cybersecurity readiness.

“IASME is a recognised entity for their work in the UK to build cybersecurity maturity, making the process simpler and realistic even for small businesses.

“Plus, since this engagement will map Bermuda’s PIPA to IASME’s certification for the General Data Protection Regulation, Bermudian businesses will be well placed to comply with privacy rules outside of Bermuda.”

Emma Philpott, CEO of the IASME Consortium, said: “IASME are excited to be working with PrivCom on this important project. It is fantastic to see such a proactive attitude to privacy and security and we are looking forward to training the first cohort of assessors.”

PrivCom’s assistant commissioner Cha’Von Clarke-Joell, who has coordinated the engagement with IASME, said: “This is an exciting and significant development for Bermuda’s economy and the information privacy sector as local assessors can register with certification bodies on the island, the UK, the US, and in Europe to offer services globally to any entity that uses the IASME standard while working virtually from Bermuda, thus contributing to the island’s economic growth with flexible and remote working conditions.”

Emma Philpott, CEO of the IASME Consortium
PrivCom’s assistant commissioner Cha’Von Clarke-Joell

You must be Registered or to post comment or to vote.

Published June 01, 2023 at 3:16 pm (Updated June 01, 2023 at 8:20 pm)

Effort to improve cybersecurity and privacy standards

What you
Need to
Know
1. For a smooth experience with our commenting system we recommend that you use Internet Explorer 10 or higher, Firefox or Chrome Browsers. Additionally please clear both your browser's cache and cookies - How do I clear my cache and cookies?
2. Please respect the use of this community forum and its users.
3. Any poster that insults, threatens or verbally abuses another member, uses defamatory language, or deliberately disrupts discussions will be banned.
4. Users who violate the Terms of Service or any commenting rules will be banned.
5. Please stay on topic. "Trolling" to incite emotional responses and disrupt conversations will be deleted.
6. To understand further what is and isn't allowed and the actions we may take, please read our Terms of Service
7. To report breaches of the Terms of Service use the flag icon