Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Upcoming certifications. Additional guidance.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

HL Chronicle of Data Protection

OCTOBER 4, 2018

As of Tuesday, September 4, 2018, covered entities are required to be in compliance with additional requirements relating to: Audit Trail (Section 500.06); Application Security (Section 500.08); Limitations on Data Retention (Section 500.13); Monitoring of Authorized Users (Section 500.14(a)); Final Implementation date March 1, 2019.

Cybersecurity 40

Cybersecurity Encryption Financial Services Compliance 40

HL Chronicle of Data Protection

OCTOBER 4, 2018

As of Tuesday, September 4, 2018, covered entities are required to be in compliance with additional requirements relating to: Audit Trail (Section 500.06); Application Security (Section 500.08); Limitations on Data Retention (Section 500.13); Monitoring of Authorized Users (Section 500.14(a)); Final Implementation date March 1, 2019.

Cybersecurity 40

Cybersecurity Encryption Financial Services Compliance 40

Hunton Privacy

JULY 24, 2020

On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017. NYCRR 500.14(b):

Cybersecurity 85

Cybersecurity Risk Financial Services Insurance 85

Hunton Privacy

APRIL 27, 2017

Earlier this month, the New York State Department of Financial Services (“NYDFS”) recently published FAQs and key dates for its cybersecurity regulation (the “NYDFS Regulation”) for financial institutions that became effective on March 1, 2017. March 1, 2018 – the one year transitional period ends.

Cybersecurity 53

Cybersecurity Compliance Financial Services Insurance 53

Security Affairs

AUGUST 30, 2018

22-24, 2018, it added that financial data was protected but invited to remain vigilant for fraudulent credit card transactions. 22-24, 2018. Credit cards that are saved to your profile are encrypted and stored in compliance with security standards set by the payment card industry or PCI standards.

Data breaches 53

Data breaches IT Passwords Financial Services 53

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!!

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Thales Cloud Protection & Licensing

JULY 24, 2018

to discuss the findings of the 2018 Thales Data Threat Report, Federal Edition. Question: Can you provide an overview of the 2018 Thales Data Threat Report, Federal Edition, and elaborate why it’s needed today more than ever? Forty-eight percent used more than 100 Software-as-a-Service (SaaS) applications.

Encryption 48

Encryption Cloud Data breaches Government 48

Security Affairs

SEPTEMBER 10, 2018

defense contractors and financial services firms worldwide. In March 2018, security experts at Kaspersky Lab have observed an attack powered by the Chinese APT group, the experts speculate the campaign was started in the fall of 2017. The APT group has been active since at least 2010, the crew targeted U.S.

Communications 70

Communications Financial Services Phishing Encryption 70

Thales Cloud Protection & Licensing

DECEMBER 11, 2018

We had some results this year from the 100+ US retail IT security professionals that were surveyed for the 2018 Thales Data Threat Report that differed from every other segment we polled (healthcare, federal government, financial services).

Retail 66

Retail Data breaches Encryption Mining 66

Data Matters

OCTOBER 8, 2020

Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. Payment is often demanded in bitcoin, and thus third-party services are often used to make such payments.

Ransomware 68

Ransomware Compliance Risk Government 68

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. 2018-L-11008, 2018 WL 4941760 (Ill. For example, Mondelez International Inc.

Insurance 70

Insurance Cybersecurity Risk Education 70

HL Chronicle of Data Protection

MAY 13, 2019

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

ARMA International

AUGUST 2, 2019

According to its annual report , Equifax’s 2018 revenue was over $3 billion.) Though Capital One reports that it encrypts its data as a standard practice, the data was de-encrypted during the breach. The company also reports using tokenization for certain fields (e.g., Thompson in connection with the incident.

Cloud 41

Cloud Data breaches Encryption Access 41

CGI

DECEMBER 18, 2018

Sibos 2018 – a whirlwind tour of my week down under. Tue, 12/18/2018 - 04:55. One of the great things about Sibos as a conference is that they have a lot of non-financial services speakers, often bringing in leading academics to talk about their specialist areas.

Financial Services 40

Financial Services Encryption Marketing GDPR 40

HL Chronicle of Data Protection

MARCH 14, 2019

Pursuant to its rulemaking authority, the CFPB enacted its own version of the Privacy Rule, Regulation P, which it amended in 2018 to implement provisions in the Fixing America’s Surface Transportation Act (“FAST Act”), which simplified the delivery of annual GLBA notices. Specific information security measures.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

IBM Big Data Hub

OCTOBER 16, 2023

While the US doesn’t have a single data privacy law at the federal level, the California Consumer Privacy Act of 2018 is one of the most ambitious data privacy legislation ever enacted in the US, much like European Union’s GDPR. Data sovereignty in the EU is an evolving field.

Cloud 73

Cloud Compliance Data Privacy Privacy 73

Data Matters

APRIL 23, 2018

* This article first appeared in In-House Defense Quarterly on April 3, 2018. Encrypting critical data assets. On February 21, 2018, the SEC issued an additional cybersecurity disclosure guidance document to assist public companies in drafting their cybersecurity disclosures in their SEC filings. Encrypting Critical Data Assets.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

IT Governance

MARCH 11, 2024

Glosbe dictionary exposes almost 7 million records The multilingual online dictionary Glosbe left a MongoDB instance unsecured last year, exposing nearly 7 million users’ information, including personal data, encrypted passwords and social media identifiers. Glosbe did not reply, but the open instance was soon closed. UniCredit fined €2.8

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

ForAllSecure

JANUARY 19, 2022

I'm Robert Vamosi and in this episode, I'm going to be talking about identity from the perspective of a computing system, how all those online service and consumer devices we have in our home know who were are, whether it is through passwords or MFA or even the brave new world of passwordless identification.

Passwords 52

Passwords Authentication Access Data breaches 52

Data Matters

MAY 17, 2022

19, 2022, President Biden signed the National Security Memorandum, which implemented requirements from EO 14028 by setting out specific cyber requirements for government agencies and contractors, such as multifactor authentication, encryption, cloud technologies, and endpoint detection services. Press Release No. Nalani Fraser et al.,

Cybersecurity 97

Cybersecurity Government Authentication Ransomware 97

eSecurity Planet

JANUARY 11, 2022

Startup Est Headquarters Staff Funding Funding Type Abnormal Security 2018 San Francisco, CA 261 $74.0 Series A Confluera 2018 Palo Alto, CA 33 $29.0 Series A Perimeter 81 2018 Tel Aviv, Israel 159 $65.0 2018 Santa Clara, CA 305 $50.0 Series A Confluera 2018 Palo Alto, CA 33 $29.0 2018 Santa Clara, CA 305 $50.0

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142