Remove 2011 Remove Communications Remove Government Remove Insurance
article thumbnail

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. provide for open communications between technical experts and disclosure advisers.

article thumbnail

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

Finance and insurance finished a close second at 22.4%. Finance and insurance companies were particularly vulnerable to the sort of phishing scams we’re talking about. In 2020 alone, 79 ransomware attacks were conducted against government entities in the U.S., of cyber attacks IBM handled. 70% of attacks were on banks.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Data Matters

The FCA is proposing amendments to: the UK onshored versions of EU technical standards on strong customer authentication (SCA) and common and secure methods of communication (UK SCA-RTS); its Approach Document on Payment Services and Electronic Money (Approach Document); and. its Perimeter Guidance Manual (PERG). Temporary COVID Guidance.

article thumbnail

FFIEC Guidance on Authentication and Access to Financial Institution Services and Systems

Data Matters

The Guidance replaces prior FFIEC-issued guidance on risk management practices for financial institutions offering internet-based products: “Authentication in an Internet Banking Environment” (2005) and the “Supplement to Authentication in an Internet Banking Environment” (2011). The 2005 guidance replaced a 2001 version of the same document.

article thumbnail

The debate on the Data Protection Bill in the House of Lords

Data Protector

Banks must still be allowed to process data to prevent fraud; regulators must still be allowed to process data to investigate malpractice and corruption; sports governing bodies must be allowed to process data to keep the cheats out; and journalists must still be able to investigate scandal and malpractice. change it substantially.

GDPR 120
article thumbnail

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

Increasingly, thought leaders, professional organizations, and government agencies are beginning to provide answers. Creating an enterprise-wide governance structure. More and more, directors are viewing cyber-risk under the broader umbrella of corporate strategy and searching for ways to help mitigate that risk. Principle 5.

article thumbnail

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

Take the example of the pandemic: only some governments engaged pandemic experts to develop actions plans. The end state is to use DT to optimize the use of resources, increase ROI, and improve governance, strategic risk management, and compliance, as illustrated by the five levels in Figure 3. Figure 3: Digital capability levels.