2017, Insurance and IT - Information Management Today

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

Scanning for Flaws, Scoring for Security

Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? the security posture of vendor partners). Image: US Chamber of Commerce.

Security

Security Energy and Utilities Risk Data breaches

Delaware amends data breach notification law

Data Protection Report

AUGUST 29, 2017

Earlier this month, Delaware revamped its data breach notification law, with changes to go into effect April 14, 2018. Most notably, the new law requires any entity that has suffered a data breach that includes social security numbers to provide free credit monitoring services to affected residents for one year.

Data breaches

Data breaches Insurance Encryption Passwords

“But the emails” – companies’ SEC filings reflect ransomware risks

Data Protection Report

SEPTEMBER 11, 2017

The Equifax breach will likely devour the entire breach news cycle in the near term, given the size of the incident and that it gets to the essence of the company’s business of maintaining some of the most sensitive consumer information. Here is how some companies have addressed it. General ransomware risk disclosures.

Risk

Risk Ransomware Insurance Data breaches

German court: monitoring of employees by key logger is not allowed

Data Protection Report

AUGUST 8, 2017

The German federal labor court held in a recent decision ( Bundesarbeitsgericht , 27 July 2017 – case no. Such monitoring is only allowed when an employer has a concrete suspicion of a criminal offense by an employee or any other serious breach of duty in a specific case.

Computer and Electronics

Computer and Electronics Insurance Privacy GDPR

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

What IG Professionals Should Know About the Internet of Bodies

ARMA International

FEBRUARY 21, 2020

A company in Wisconsin had a “chipping party” in 2017 to implant microchips in some of its employees to make it easier for them to access the buildings and systems and to buy food in the company break room. [1]. As with other connected devices, the tracked data can be hacked, breached, or otherwise exploited. Benefits and Risks.

Computer and Electronics

Computer and Electronics Privacy Artificial Intelligence IoT

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

DLA Piper Privacy Matters

NOVEMBER 6, 2019

According to the Berlin DPA the affected data included information about the personal and financial circumstances of tenants, such as payslips, self-disclosure forms, extracts from employment and training contracts, tax data, social security and health insurance data and bank statements. The administrative sanction is not yet final.

GDPR

GDPR Personal data Archiving Compliance

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

This guide will provide a high level overview of encryption and how it fits into IT through the following topics: How Encryption Works To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security.

Encryption

Encryption IT Passwords IoT

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Italy’s Garante issued its first fine (4.4.2019) for the lack of implementation of privacy security measures following a data breach on the Rousseau internet platform. In this situation, the ePD rule applies and data controllers cannot avail themselves of a legal basis for processing other than consent. Enforcement Actions.

GDPR

GDPR Personal data Privacy Information architecture

Italy: Privacy law integrating the GDPR adopted, what to do?

DLA Piper Privacy Matters

MAY 14, 2018

Criminal sanctions for privacy breaches confirmed. Unlike what provided by the initial draft of the Italian privacy law, criminal sanctions for privacy breaches provided by the Italian Privacy Code are confirmed. However, they only apply when the privacy-related breach has been performed to gain profit.

GDPR

GDPR Privacy Systems administration Compliance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. The CCPA goes into effect January 1, 2020. Its final status, however, is far from clear. It was recently signed into law by the governor.

Privacy

Privacy Sales Compliance Cybersecurity

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. The CCPA goes into effect January 1, 2020. Its final status, however, is far from clear. It was recently signed into law by the governor.

Privacy

Privacy Sales Education Compliance

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

24, but more likely than not the first test for many organizations will be how they respond to data subject access requests (DSARs) or when they experience a personal data breach which they will likely need to report to their Supervisory Authority due to the relatively hair trigger reporting thresholds. Challenge #2. Challenge #3.

GDPR

GDPR Personal data Compliance Data breaches

CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users

KnowBe4

MAY 9, 2023

New school security awareness training can help any organization sustain that line of defense and create a strong security culture. Blog post with links: [link] A Master Class on IT Security: Roger A. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.

Phishing

Phishing Passwords Insurance Systems administration

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

Thus, common tools and techniques are risk matrices, risk registers, risk logs, risk breakdown structures, risk categories, Monte Carlo simulations, and sensitivity analyses. This includes defining the product scope of the DT journey and the digital products and services that will deliver transformative change for a new future.

Digital transformation

Digital transformation Risk IT Computer and Electronics

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Designing an Enterprise-Level Approach.

Cybersecurity

Cybersecurity Risk Passwords Authentication

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Where the Information Commissioner gives notices to data controllers, she can now secure compliance, with the power to issue substantial administrative penalties of up to 4% of global turnover. New technologies have started innumerable economic revolutions, and the pace of change continues to accelerate. change it substantially.

GDPR

GDPR Personal data Government IT

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity

Cybersecurity Cloud Compliance Analytics

Information Management Today

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Scanning for Flaws, Scoring for Security

Trending Sources

Delaware amends data breach notification law

“But the emails” – companies’ SEC filings reflect ransomware risks

German court: monitoring of employees by key logger is not allowed

New York Enacts Stricter Data Cybersecurity Laws

What IG Professionals Should Know About the Internet of Bodies

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

What Is Encryption? Definition, How it Works, & Examples

GDPR – The Year in Review

Italy: Privacy law integrating the GDPR adopted, what to do?

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

GDPR is upon us: are you ready for what comes next?

CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

An Approach to Cybersecurity Risk Oversight for Corporate Directors

The debate on the Data Protection Bill in the House of Lords

Top Cybersecurity Startups to Watch in 2022

Stay Connected