Offensive Cybersecurity FAQs

The FTC Safeguards Rule broadly applies to all financial institutions including dealerships and other entities that provide or facilitate financial services.

The purpose of the FTC Safeguards Rule is to protect consumer information from misuse or data breach, ultimately protecting customer from identity theft or privacy violations.

The Revised Safeguards Rule applies to all customer information in your possession, whether such information pertains to individuals with whom you have a customer relationship or to the customers of other financial institutions that have if information to you. Accordingly, the protections it affords are likely relevant to all the customer personal information in your possession.

Revisions to the Safeguards Rule have been issued since 2003 when it was established to address and combat new and evolving security threats.

The Privacy Rule deals with how you share information about consumers who obtain, or apply for, credit or lease products from you and it includes specific notice requirements. The Safeguards Rule deals with how you protect information you receive from consumers. These obligations are independent of each other and are subject to different standards, requiring the appropriate steps to comply with each.