IT Governance

NOVEMBER 28, 2018

The Cyber Essentials scheme is a world-leading assurance mechanism for organisations of all sizes to help demonstrate that the most critical cyber security controls have been implemented. Secure your organisation with Cyber Essentials. Being Cyber Essentials certified demonstrates your commitment to cyber security.

Security 108

Security Ransomware Government Insurance 108

Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The 9/11 attacks cost insurers and reinsurers $47 billion.

Insurance 94

Insurance Government Cybersecurity Risk 94

The Last Watchdog

APRIL 3, 2019

Identity governance and administration, or IGA , has suddenly become a front-burner matter at many enterprises. Related: Identity governance issues in the age of digital transformation. SailPoint, which went public in November 2017, has grown to more than 1000 employees in 30 locations.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks. “ There’s five layers to go. Layer 1, 2, 3, 4, and fine finally Layer 5.

Insurance 111

Insurance Data breaches Sales Government 111

IT Governance

OCTOBER 31, 2023

Thousands of drivers have sensitive data exposed to hackers in major IT breach Date of breach: Unclear, but breached documents date back to 2017. Incident details: A security vulnerability in a third party left personal data exposed of thousands of motorists who had their vehicle towed on behalf of the An Garda Síochána.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

IT Governance

JULY 23, 2019

Equifax has agreed to pay up to $700 million (about £561 million) as part of a settlement with US regulators following its mammoth data breach in 2017. The FTC (Federal Trade Commission) claimed that Equifax hadn’t taken reasonable steps to secure its systems, which led to the records of more than 147 million people being compromised.

Data breaches 66

Data breaches Insurance Cybersecurity Government 66

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. Background to the SEC’s Order Against First American.

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

IT Governance

APRIL 10, 2019

On 6 July 2016, the EU officially adopted the NIS Directive (Directive on security of network and information systems) and gave each EU member state just under two years to implement its requirements into national law. Implementation status : Transposed, as the Cyber Security Act (94/2018). Implementation status : In progress.

Compliance 68

Compliance Information Security Government Insurance 68

eSecurity Planet

FEBRUARY 11, 2022

The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. Also read : Top Governance, Risk, and Compliance (GRC) Tools for 2022. Once data is mapped, organizations make better decisions on how that data is governed and reduce their risk footprint.

Risk 144

Risk Cybersecurity Encryption Access 144

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

On 11 August 2023, India’s long-awaited law governing data protection – the Digital Personal Data Protection Act, 2023 ( DPDP Act ) – received the President’s assent and was published in the official gazette the following day.

Personal data 111

Personal data GDPR Data breaches Compliance 111

Security Affairs

NOVEMBER 30, 2020

“Sources said the county is in the process of paying the $500,000 ransom as it’s insured for such attacks.” A few days ago, the Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware , the tech giant provided useful information on the threat and how it spreads. Pierluigi Paganini.

Computer and Electronics 103

Computer and Electronics Ransomware Insurance Encryption 103

ARMA International

JANUARY 30, 2020

Notably, in its opening paragraph, the missive cites “unintended security consequences and increased risk to the joint force and mission.”. As quoted in the Military Times article [3] , citing security risks, Cmdr. December 12, 2017. But Matloff suggests it’s the concerns about surveillance that are truly front and center.

Military 106

Military Privacy Risk Insurance 106

IT Governance

JANUARY 19, 2018

Nigel Houlden, head of technology policy at the ICO, said: “[T]here may be some circumstances where organisations could be held liable for a breach of security that relates to measures, such as patches, that should have been taken previously.”. Secure configuration. Retroactive punishment. These controls are: Patch management.

GDPR 76

GDPR Risk Insurance Government 76

Data Protection Report

AUGUST 3, 2017

On August 1, 2017, US Senators unveiled a bipartisan bill to mandate baseline cybersecurity requirements for internet connected devices purchased by the federal government. Repair new security vulnerabilities in a timely manner. Use software and components that can be updated and patched.

IoT 40

IoT Cybersecurity Insurance Marketing 40

Hunton Privacy

JULY 11, 2017

On July 10, 2017, the Cyberspace Administration of China published a new draft of its Regulations on Protecting the Security of Key Information Infrastructure (the “Draft Regulations”), and invited comment from the general public. The Draft Regulations will remain open for comment through August 10, 2017.

Energy and Utilities 45

Energy and Utilities Security Cybersecurity Manufacturing 45

IT Governance

MAY 3, 2018

Hello and welcome to the IT Governance podcast for Friday, 4 May 2018. Thousands of operations and appointments were cancelled as a result of the infection according to the 2017 National Audit Office (NAO) report on the incident, Investigation: WannaCry cyber attack and the NHS. Fourth of may be with you. Or something like that.

Computer and Electronics 66

Computer and Electronics Insurance Data breaches Information Security 66

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

IT Governance

OCTOBER 3, 2018

The Scottish government therefore launched Safe, secure and prosperous: a cyber resilience strategy for Scotland in 2015 to help develop a culture of cyber resilience across the country. As part of this initiative, the government launched the Public Sector Action Plan in November 2017. Cyber Essentials certification.

Government 72

Government Compliance Risk Insurance 72

IT Governance

MAY 1, 2018

CIR management can help your organisation mitigate the risk of information security incidents and minimise losses. Incident response planning is mandated as part of all major cyber security regimes. How IT Governance can help you with your CIR management. What does cyber incident response (CIR) management do?

Risk 75

Risk Information Security IoT Insurance 75

eSecurity Planet

SEPTEMBER 14, 2022

According to statistics from the FBI’s 2021 Internet Crime Report , complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. Finance and insurance finished a close second at 22.4%. Finance and insurance companies were particularly vulnerable to the sort of phishing scams we’re talking about.

Energy and Utilities 120

Energy and Utilities Phishing Blockchain Cybersecurity 120

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. systemic risk of insurers with other parts of the financial system, notably the banking.

Insurance 68

Insurance Paper Risk Big data 68

Hunton Privacy

JANUARY 24, 2018

Covered entities must file the certification, which covers the 2017 calendar year, at the NYDFS online portal. DFS’s goal is to prevent cybersecurity attacks, and we therefore will now include cybersecurity in all DFS examinations to ensure that proper cybersecurity governance is being practiced by our regulated entities.

Financial Services 58

Financial Services Cybersecurity Compliance Insurance 58

Data Matters

MAY 17, 2018

SB 315 faced opposition from both private companies and information security researchers. Security researchers also voiced concerns. Organizations have employed bug bounty programs in an effort to encourage researchers to report security flaws in their systems. The federal government has also taken notice of these efforts.

Systems administration 60

Systems administration Cybersecurity Information Security Insurance 60

Security Affairs

DECEMBER 23, 2019

China-linked cyber espionage group APT20 has been bypassing two-factor authentication (2FA) in recent attacks, cyber-security firm Fox-IT warns. Security experts from cyber-security firm Fox-IT warns of a new wave of attacks, tracked as Operation Wocao, carried out by China-linked cyber espionage group APT20 that has been bypassing 2FA.

Authentication 66

Authentication Insurance Access Government 66

AIIM

MARCH 12, 2018

2017: A Digitally “Transformative” Year. Information Privacy and Security: GDPR is Just the Tip of the Iceberg. The 2017 Gartner Magic Quadrant for Content Services Platforms and Five Things I Learned on the Journey from ECM to CSP. The 2017 M-Files User Conference – A Set of Personal Firsts. And Then It’s Not.

ECM 90

ECM Digital transformation Digital preservation Content services 90

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Raising awareness about ransomware is a baseline security measure. As training sessions have little influence over staff for every potential attack, it makes added security more imperative.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

IT Governance

JULY 17, 2019

Your first – obviously valid – thought might be that we all need to get better at preventing security incidents, but it’s not the whole story. An incident response plan is a document that outlines the steps an organisation must take following a cyber security incident. billion in total. What goes in an incident response plan?

Data breaches 71

Data breaches Ransomware Insurance Security 71

IT Governance

MAY 2, 2019

A third of businesses and a fifth of charities were hit by a cyber attack or data breach in the past year, the UK government’s Cyber Security Breaches Survey 2019 has found. The report says this may be because businesses and charities are going to greater lengths to become cyber secure. The effects of the GDPR.

Data breaches 69

Data breaches GDPR IT Compliance 69

Hunton Privacy

MAY 16, 2017

On May 12, 2017, a massive ransomware attack began affecting tens of thousands of computer systems in over 100 countries. A wide range of industries have been impacted by the attack, including businesses, hospitals, utilities and government entities around the world. Breach Notification Laws.

Ransomware 61

Ransomware Insurance Access Information Security 61

Hunton Privacy

JUNE 1, 2017

On May 16, 2017, the Governor of the State of Washington, Jay Inslee, signed into law House Bill 1493 (“H.B. The law will become effective on July 23, 2017. 1493 contains detailed requirements governing the enrollment of biometric identifiers for a commercial purpose, as well as the subsequent disclosure of such data.

Privacy 87

Privacy Insurance Compliance Security 87

Data Matters

AUGUST 27, 2018

By March 1, 2019, Covered Entities must have security policies in place that govern the security of third-party service providers and, by that deadline, must implement such written security policies. Looking ahead, Covered Entities will be required to meet one final compliance deadline for the NYDFS on March 1, 2019.

Cybersecurity 60

Cybersecurity Compliance Encryption Risk 60

Data Matters

JANUARY 2, 2018

In November 2017, the Supreme Court heard oral arguments in Carpenter v. In Carpenter , the government obtained months’ worth of a suspect’s cell phone location records pursuant to the Stored Communications Act (SCA). Robins will certainly be back in play. Supreme Court Developments. The Possibility of U.S.

Cybersecurity 68

Cybersecurity Privacy Data breaches GDPR 68

Krebs on Security

JANUARY 19, 2022

is perhaps better known as the online identity verification service that many states now use to help staunch the loss of billions of dollars in unemployment insurance and pandemic assistance stolen each year by identity thieves. I went with and would encourage others to use the strongest MFA option — a physical Security Key.

Access 363

Access Insurance Authentication Government 363

InfoGovNuggets

JANUARY 13, 2018

Not that there aren’t issues on governance, information, or (and) compliance that come up daily. Some recent stories: “Subaru Probes if Fuel Data Was Fake,” The Wall Street Journal , December 21, 2017 B1. 2017 wasn’t a good year for the bank. Do government agencies need to comply with the US Constitution?

Government 28

Government Insurance Access Compliance 28

Data Matters

NOVEMBER 5, 2018

Like its 2017 predecessor, “Automated Driving Systems 2.0: notes that the “traditional roles of the Federal Government; State and local governments; and private industry are well suited for addressing automation.” Federal government. State, local, and tribal governments. A Vision for Safety,” AV 3.0

Cybersecurity 87

Cybersecurity Government Communications Privacy 87

Schneier on Security

NOVEMBER 8, 2017

Hearing on "Securing Consumers' Credit Data in the Age of Digital Commerce". 1 November 2017. Mister Chairman and Members of the Committee, thank you for the opportunity to testify today concerning the security of credit data. My name is Bruce Schneier, and I am a security technologist. Before the. Washington, DC 20515.

Personal data 84

Personal data Computer and Electronics Privacy Data breaches 84