2020 and Exercises - Information Management Today

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

AUGUST 20, 2023

-South Korea military exercise. The military drill, the Ulchi Freedom Guardian summer exercises , will start on Monday, August 21, 2023 , and will last 11 days. The military exercises aim at improving the ability of the two armies to respond to North Korea’s evolving nuclear and missile threats. .

Military

Military Phishing Government Security

HHS Announces Exercise of Enforcement Discretion for Entities Engaged in COVID-19 Relief Efforts

Data Matters

MAY 5, 2020

First, as covered in an earlier posting , HHS took action to waive penalties and assure companies that it would exercise enforcement discretion with respect to the Privacy Rule’s application to telehealth services and certain limited communication activities related to COVID-19 treatment efforts.

Privacy

Privacy Communications IT Security

How to Keep Your Information Safe for Data Privacy Day 2020

Thales Cloud Protection & Licensing

JANUARY 28, 2020

January 28, 2020 marks the 13th iteration of Data Privacy Day. Fortunately, organizations can minimize the risk of these types of attacks by exercising key management. The post How to Keep Your Information Safe for Data Privacy Day 2020 appeared first on Data Security Blog | Thales eSecurity.

Data Privacy

Data Privacy Privacy Encryption Unstructured data

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

6 reasons Collibra University Live 2020 will blow you away

Collibra

FEBRUARY 25, 2020

It’s almost time for Data Citizens 2020 and that means one jam-packed day of Collibra University Live and we could not be more excited for what’s in store! Here are 6 reasons you should attend Collibra University Live 2020: 1. The post 6 reasons Collibra University Live 2020 will blow you away appeared first on Collibra.

Education

Education IT

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. The NAIC adopted the revised SAT in February 2020, and since that time, several states, including Idaho, Iowa, Kentucky, Ohio and Rhode Island, have begun efforts to adopt the revisions.

Insurance

Insurance Paper Artificial Intelligence Big data

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Security Affairs

JULY 22, 2021

Government experts reported that threat actors are targeting Pulse Secure devices since June 2020 by attempting to exploit multiple know vulnerabilities, including CVE-2019-11510 , CVE-2020-8260 , CVE-2020-8243 , CVE-2021-2289. Exercise caution when using removable media (e.g., .” Reads the CISA’s alert.

e-Discovery

e-Discovery Security Passwords Access

California Attorney General Reminds Health App Providers of Obligations to Protect Reproductive Health Information

Hunton Privacy

JUNE 7, 2022

According to the press release, this should include, at a minimum, “assess[ing] the risks associated with collecting and maintaining abortion-related information that could be leveraged against persons seeking to exercise their healthcare rights.”.

Privacy

Privacy Authentication Information Security Risk

5 best online cyber security training courses and certifications in 2020

IT Governance

APRIL 20, 2020

This one-day course is designed and run by real-world practitioners, who help you gain an understanding of risks through practical exercises, group discussions and case studies. The post 5 best online cyber security training courses and certifications in 2020 appeared first on IT Governance UK Blog.

Security

Security GDPR Phishing Data breaches

California Attorney General Approves Additional CCPA Regulations

Hunton Privacy

MARCH 16, 2021

On March 15, 2021, the California Attorney General (“AG”) approved additional CCPA Regulations that impact certain sections of the initial CCPA Regulations that went into effect on August 14, 2020. These amendments, which were the subject of the third and fourth sets of proposed modifications, went into effect on March 15, 2021.

Threat Modeling Training at Blackhat 2020

Adam Shostack

MARCH 2, 2020

This is capped off with an end to end exercise that brings the skills together. August 1-2 , and August 3-4.

IT

IT Education

US Cyber Command and Australian IWD to develop shared cyber training range

Security Affairs

DECEMBER 6, 2020

Cyber Command (@US_CYBERCOM) December 4, 2020. “Cyber mission forces first identified the need for a shared, iterative virtual cyber range during exercise Cyber Flag 2015 and has since galvanized an expedited effort to define the requirement and find technical solutions. Persistent Cyber Training Environment allows U.S. &

Military

Military IT Security Information Security

Phish Leads to Breach at Calif. State Controller

Krebs on Security

MARCH 23, 2021

Then in October 2020, the California Department of Technology (CDT) issued a new set of guidelines that effectively require all executives, managers and supervisors to know all of the details of a phishing exercise before it occurs. “Meaning, such people will be tested ever again,” the state agency source said.

Phishing

Phishing Data breaches Access Passwords

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

Hunton Privacy

NOVEMBER 7, 2022

Trustopia was found to have had access from September 2018 to January 2020, during which it performed over 20,000 searches on children whose personal data was in the LRS database. Following the investigation, the ICO issued the reprimand to the DfE setting out clear measures it needs to act on to improve its data protection practices.

Education

Education Personal data Access IT

CNIL Fines Clearview AI 20 Million Euros for Unlawful Use of Facial Recognition Technology

Hunton Privacy

OCTOBER 24, 2022

In November 2021, the CNIL ordered Clearview AI to cease the collection and use of data of persons residing in France without a valid legal basis and to facilitate the exercise of data subjects’ rights and comply with such requests.

Data collection

Data collection Personal data GDPR Marketing

Data Subject Access Requests – High Court dismisses claim where DSAR regime abused

DLA Piper Privacy Matters

JANUARY 15, 2021

However, the Judge held that, even if he were wrong on that primary finding of fact and that there had been a failure to provide a proper request to one or more of the DSARs, the court has a discretion whether or not to make an order and, in this case, there were good reasons for declining to exercise the discretion.

Access

Access GDPR Personal data Retail

The Netherlands – DPA imposes EUR 830,00 fine for access request fees

DLA Piper Privacy Matters

JULY 8, 2020

On the 6 th of July 2020, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , “Dutch DPA“) published its decision to impose a fine of 830,000 EUR on Stichting Bureau Krediet Registratie (BKR). Article 12(2) GDPR states that the controller shall facilitate the exercise of, inter alia, the right of access (Article 15 GDPR).

Access

Access GDPR Personal data IT

Microsoft Azure Certifications: Which Path is Right for You?

IT Governance

OCTOBER 13, 2021

The two-day course is the most effective as it contains practical exercises for each module, helping you learn by applying your new knowledge to the sort of situations you will encounter at work. . Please note that this two-day course includes practical, hands-on lab exercises. . The course covers: . Role-based certifications .

Cloud

Cloud Compliance Government Access

European Data Protection Supervisor Issues Schrems II Guidelines

Data Matters

NOVEMBER 9, 2020

Mapping exercise : On 5 October 2020, the EDPS already ordered EUIs to perform a mapping exercise to identify which activities involve personal data transfers. By 15 November 2020, EUIs must report transfers to the EDPS which are (i) not based on a transfer mechanism where such is required ( e., 12333 (the U.S.

Personal data

Personal data Compliance Privacy Communications

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. “CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020. Exercise caution when using removable media (e.g.,

Passwords

Passwords Authentication Cybersecurity Access

New Dubai International Financial Centre Data Protection Law Comes into Effect

Hunton Privacy

JULY 9, 2020

On July 1, 2020, the Dubai International Financial Centre (“DIFC”) Data Protection Law No. 5 of 2020 came into effect (“New DP Law”). Due to the current pandemic, a three-month grace period, running until October 1, 2020, has been provided for companies to comply. The New DP Law replaces DIFC Law No.

Personal data

Personal data GDPR Data breaches Compliance

EDPB Adopts Guidelines on the Processing of Health Data During COVID-19

Hunton Privacy

APRIL 22, 2020

On April 21, 2020, the European Data Protection Board (“EDPB”) adopted Guidelines on the processing of health data for scientific purposes in the context of the COVID-19 pandemic.

GDPR

GDPR Personal data IT Privacy

TrickBot gang developer arrested at the Seoul international airport

Security Affairs

SEPTEMBER 6, 2021

The man has remained stuck in the Asian country since February 2020 due to the COVID-19 lockdown imposed by the local government and the cancelation of international travel. A Russian man accused of being a member of the TrickBot gang was arrested last week at the Seoul international airport.

Ransomware

Ransomware Government IT Security

Comments Submitted on California Consumer Privacy Act of 2020—Initiative 19-0021

Data Matters

NOVEMBER 12, 2019

It can also eliminate the ability of data subject to exercise choices. The post Comments Submitted on California Consumer Privacy Act of 2020—Initiative 19-0021 appeared first on Data Matters Privacy Blog. If it would be of value to you, we would be pleased to engage further with you to address the issues we have raised.

Privacy

Privacy Data breaches Compliance Personal data

Navigating SEC Investigations: The Importance of Transparency and Cooperation in Communications and eDiscovery

eDiscovery Daily

OCTOBER 11, 2023

Kappell served as an associate at Morgan, Lewis & Bockius LLP and at K&L Gates prior to joining the SEC in 2020, and now serves as Senior Counsel, Division of Enforcement. The takeaways boiled down to two simple principles that can positively impact the trajectory of the exercise: transparency and cooperation.

Communications

Communications Marketing Government Security

ICO Publishes Its Accountability Framework

Hunton Privacy

SEPTEMBER 14, 2020

On September 9, 2020, the UK Information Commissioner’s Office (“ICO”) published an Accountability Framework , designed to assist organizations in complying with their accountability obligations under the EU General Data Protection Regulation (“GDPR”). Feedback may be submitted on the Framework before November 2, 2020.

IT

IT Compliance Records Management GDPR

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Security Affairs

JUNE 3, 2021

Researchers discovered two stack-based buffer overflow vulnerabilities, tracked as CVE-2020-27301 and CVE-2020-27302, in the module’s WPA2 handshake mechanism. precise control of the return address can be achieved – this is left as an exercise for the reader.” ” continues the report.

Communications

Communications Agriculture IoT Encryption

Logic bugs found in popular apps, including Signal and FB Messenger

Security Affairs

JANUARY 20, 2021

Moreover, the vulnerability was a logic bug in the FaceTime calling state machine that could be exercised using only the user interface of the device.” Facebook Messenger addressed the bug in November 2020. Google Duo solved the bug in December 2020. ” reads the post published by Silvanovich.

Encryption

Encryption Security IT Information Security

Schrems II judgement due in July – what this might mean for your outsourcing deal

Data Protection Report

JUNE 17, 2020

Just when we thought our summers might have been looking a bit dull, it was announced that the Court of Justice of the European Union ( CJEU ) will be making its final ruling in Case C-311/18, Data Protection Commissioner v Facebook Ireland & Schrems on 16 July 2020.

Personal data

Personal data Communications Access GDPR

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

NSCS @cse_cst @CISAgov @FBI [link] — @U.S.CyberCommand (@US_CYBERCOM) August 3, 2020. Exercise caution when opening e-mail attachments even if the attachment is expected and the sender appears to be known. Exercise caution when using removable media (e.g., Do not add users to the local administrators group unless required.

Healthcare

Healthcare Passwords Government Systems administration

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

HappyValentines @CISAgov @DHS @US_CYBERCOM — USCYBERCOM Malware Alert (@CNMF_VirusAlert) February 14, 2020. Exercise caution when opening e-mail attachments even if the attachment is expected and the sender appears to be known. Exercise caution when using removable media (e.g., Keep operating system patches up-to-date.

Passwords

Passwords Access Phishing Authentication

UK Supreme Court Grants Google Permission to Appeal Class Action Claim in Lloyd vs Google LLC

Data Matters

JULY 16, 2020

Whether the High Court judge was correct to exercise his discretion in ruling that the claim should not be permitted to proceed under CPR 19.6 2) allows the court, exercising its discretion, to direct that a person may not act as a representative. as a representative action.

Personal data

Personal data GDPR Privacy Data Privacy

Data Protection: Where’s the Brexit Privacy Dividend?

Data Protector

AUGUST 17, 2020

But these organisations are likely to form a small minority of the 738,769 data controllers that registered to pay data protection fees to the Information Commissioner’s Office (ICO) as at 31 March 2020. I’ve never met anyone outside the privacy community who thought that privacy statements should include such details in the first place.

Privacy

Privacy GDPR Personal data Computer and Electronics

OCR Announces Notification of Enforcement Discretion to Allow Uses and Disclosures of Protected Health Information by Business Associates for Public Health and Health Oversight Activities During The COVID-19 Nationwide Public Health Emergency

IG Guru

APRIL 3, 2020

Today (April 2, 2020), the Office for Civil Rights (OCR) at the U.S

Privacy

Privacy CMS IT Information governance

In California, Data Privacy Foresight is 2020: Data Privacy Trends

eDiscovery Daily

JULY 5, 2018

The law is set to take effect on January 1, 2020 (which explains my “clever” blog title)… :o). The post In California, Data Privacy Foresight is 2020: Data Privacy Trends appeared first on CloudNine. Jerry Brown.

Data Privacy

Data Privacy Privacy Sales Data collection

German DPA Issues Guidance on Data Transfers Following Schrems II

Hunton Privacy

SEPTEMBER 2, 2020

On August 24, 2020, the Data Protection Authority (“DPA”) of the German federal state of Baden-Württemberg issued guidance on international data transfers following the judgment of the Court of Justice of the European Union (“CJEU”) in the Schrems II case (decision C-311/18 of July 16, 2020).

Personal data

Personal data GDPR Risk Encryption

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

Hunton Privacy

JANUARY 2, 2019

The law will also require insurance companies to “exercise due diligence” in choosing third-party service providers and to ensure that service providers have appropriate information safeguards in place no later than July 1, 2020.

Insurance

Insurance Cybersecurity Data breaches Encryption

India Releases Revised Non-Personal Data Framework

Hunton Privacy

JANUARY 15, 2021

On December 16, 2020, the Committee of Experts within India’s Ministry of Electronics and Information Technology (MeitY) (the “Committee”) issued a revised report on the Non-Personal Data Governance Framework (the “NPDF”) for India (the “Revised Committee Report”).

Personal data

Personal data Government Privacy IT

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group. Background.

GDPR

GDPR Personal data Data collection Marketing

CIPL Submits White Paper on Data Subject Rights

Hunton Privacy

JULY 14, 2020

On July 8, 2020, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its White Paper (the “Paper”) as input for the European Data Protection Board’s (the “EDPB”) future guidelines on data subject rights (“DSRs”) (the “Guidelines”).

Paper

Paper GDPR Education Access

Got 2020 Clear Vision?

Daradiction

DECEMBER 31, 2009

As I reflect upon the past decade and get clear about my vision for my life by 2020 there are a few stories that I would like to share with you: Petunia Pickle Bottom. What effects do you want to create by 2020? Got 2020 Clear Vision? I didn’t find my North Star (community empowerment) until quite recently.

IT

IT Cloud Risk

Japan: Protection of Personal Information (APPI) Act to be Amended: Is your Business Ready?

DLA Piper Privacy Matters

AUGUST 3, 2020

On 5 June 2020, the Japanese Diet approved a bill to partially amend the Act on the Protection of Personal Information (the “ APPI” ). Further, the amended APPI allows data subjects to choose the method (in writing or through electronic means such as by email) to receive personal data upon exercising the right of access.

Personal data

Personal data Data breaches Compliance Analytics

CIPL Submits Response to DCMS Consultation on Representative Actions

Hunton Privacy

NOVEMBER 5, 2020

On October 22, 2020, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the UK Department for Digital, Culture, Media and Sport (“DCMS”) call for views and evidence on its review of representative actions under Section 189 of the Data Protection Act 2018 (“DPA”).

Compliance

Compliance Data breaches Personal data Marketing

Important Changes to the Singapore Data Privacy Regime

Data Matters

NOVEMBER 16, 2020

On November 2, 2020, Singapore’s legislature finally approved amendments to the Personal Data Protection Act (PDPA). The changes become law once a government gazette is passed (possibly before the end of 2020). Carry out data breach drills or tabletop exercises. NEW mandatory data breach notification requirement.

Data Privacy

Data Privacy Privacy Data breaches Personal data

FBI’s alert warns about using Windows 7 and TeamViewer

Security Affairs

FEBRUARY 14, 2021

“Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” states the FBI’s PIN alert.

Passwords

Passwords Systems administration Risk Access

N. Korean Kimsuky APT targets S. Korea-US military exercises

HHS Announces Exercise of Enforcement Discretion for Entities Engaged in COVID-19 Relief Efforts

Webinars

Trending Sources

How to Keep Your Information Safe for Data Privacy Day 2020

Webinars

6 reasons Collibra University Live 2020 will blow you away

Regulatory Update: NAIC Summer 2020 National Meeting

CISA analyzed stealthy malware found on compromised Pulse Secure devices

California Attorney General Reminds Health App Providers of Obligations to Protect Reproductive Health Information

5 best online cyber security training courses and certifications in 2020

California Attorney General Approves Additional CCPA Regulations

Threat Modeling Training at Blackhat 2020

US Cyber Command and Australian IWD to develop shared cyber training range

Phish Leads to Breach at Calif. State Controller

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

CNIL Fines Clearview AI 20 Million Euros for Unlawful Use of Facial Recognition Technology

Data Subject Access Requests – High Court dismisses claim where DSAR regime abused

The Netherlands – DPA imposes EUR 830,00 fine for access request fees

Microsoft Azure Certifications: Which Path is Right for You?

European Data Protection Supervisor Issues Schrems II Guidelines

CISA’s advisory warns of notable increase in LokiBot malware

New Dubai International Financial Centre Data Protection Law Comes into Effect

EDPB Adopts Guidelines on the Processing of Health Data During COVID-19

TrickBot gang developer arrested at the Seoul international airport

Comments Submitted on California Consumer Privacy Act of 2020—Initiative 19-0021

Navigating SEC Investigations: The Importance of Transparency and Cooperation in Communications and eDiscovery

ICO Publishes Its Accountability Framework

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Logic bugs found in popular apps, including Signal and FB Messenger

Schrems II judgement due in July – what this might mean for your outsourcing deal

US govt agencies share details of the China-linked espionage malware Taidoor

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

UK Supreme Court Grants Google Permission to Appeal Class Action Claim in Lloyd vs Google LLC

Data Protection: Where’s the Brexit Privacy Dividend?

OCR Announces Notification of Enforcement Discretion to Allow Uses and Disclosures of Protected Health Information by Business Associates for Public Health and Health Oversight Activities During The COVID-19 Nationwide Public Health Emergency

In California, Data Privacy Foresight is 2020: Data Privacy Trends

German DPA Issues Guidance on Data Transfers Following Schrems II

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

India Releases Revised Non-Personal Data Framework

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

CIPL Submits White Paper on Data Subject Rights

Got 2020 Clear Vision?

Japan: Protection of Personal Information (APPI) Act to be Amended: Is your Business Ready?

CIPL Submits Response to DCMS Consultation on Representative Actions

Important Changes to the Singapore Data Privacy Regime

FBI’s alert warns about using Windows 7 and TeamViewer

Stay Connected