2022, Financial Services and Security - Information Management Today

Data Protection in Financial Services Week 2022

Data Matters

FEBRUARY 25, 2022

Sidley and OneTrust DataGuidance are pleased to announce that registration is now open for their annual Data Protection in Financial Services (DPFS) Week. Join us from February 28 – March 3 for DPFS Week 2022 , a series of webinars looking at the impacts of data privacy across the financial sector.

Financial Services

Financial Services Privacy Data Privacy Cybersecurity

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services

Financial Services Cloud Cybersecurity Encryption

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. Fasten your seatbelts and enjoy the Top 5 list of Thales webinars for 2022. Trends in Cloud Security: Key Findings from the 2022 Cloud Security Study. Thu, 01/12/2023 - 05:54.

Compliance

Compliance Cloud Security Financial Services

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. These revisions represent the most significant modifications since the enactment of the rules in March 2017. f), is sufficient to trigger this new notice requirement.

Financial Services

Financial Services Cybersecurity Compliance Government

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor

Thales Cloud Protection & Licensing

AUGUST 31, 2022

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor. Thu, 09/01/2022 - 05:15. However, all this attention from cyber criminals, as well as regulators and governments, has produced an extremely resilient industry with some of the best cyber security practices of any sector.

Financial Services

Financial Services Cybersecurity Computer and Electronics Cloud

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

Security Affairs

JANUARY 17, 2022

The pre-release announcement for Critical Patch Update (CPU) for January 2022 states that Oracle will fix 483 new flaws. This pre-release announcement for Critical Patch Update (CPU) for January 2022 confirms that Oracle security updates will address 483 new security patches. Pierluigi Paganini.

Communications

Communications Financial Services Big data Retail

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. The proposed amendments revise several aspects of the draft Cybersecurity Rule amendments released on July 29, 2022. Cybersecurity Governance.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. ” reads the report. Pierluigi Paganini.

Ransomware

Ransomware Financial Services Manufacturing Phishing

Vermont Enacts Insurance Data Security Law

Hunton Privacy

JUNE 9, 2022

On May 27, 2022, Vermont Governor Phil Scott signed H.515 515 , making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). Information Security Program Requirements.

Insurance

Insurance Security Information Security Cybersecurity

How Can We Secure The Future of Digital Payments?

Thales Cloud Protection & Licensing

JANUARY 10, 2022

How Can We Secure The Future of Digital Payments? Tue, 01/11/2022 - 06:35. The financial services ecosystem has evolved tremendously over the past few years driven by a surge in the adoption of digital payments. Security is paramount; digital payments are not only authorized but they must be authenticated as well.

Retail

Retail Security Financial Services Authentication

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

In March 2022, the US Federal Bureau of Investigation (FBI) and CISA published a flash alert to warn that the Ragnar Locker ransomware gang breached the networks of at least 52 organizations across 10 critical infrastructure sectors. “As

Ransomware

Ransomware Financial Services Manufacturing Government

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Artificial Intelligence

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

DLA Piper Privacy Matters

MARCH 30, 2023

In total 10,008 cases were concluded by the DPC in 2022 (a slight reduction on last years’ figures). As of 31 December 2022, the DPC had 88 statutory inquiries on-hand, including 22 cross-border inquiries. Complaints Handling The Annual Report notes another year of extensive enforcement work by the DPC.

Personal data

Personal data GDPR Compliance Financial Services

Akamai prevented the largest DDoS attack on a US financial company

Security Affairs

SEPTEMBER 10, 2023

. “Historically, approximately 10% to 15% of the DDoS attacks observed by Akamai have been aimed at customers in the financial services industry.” In fact, over the past four quarters, more than 30% of the DDoS attacks have been aimed at financial services companies.” ” concludes Akamai.

Financial Services

Financial Services Ransomware Cybersecurity IT

8 Interesting Predictions for the Intelligent Information Capture Market in 2022

Info Source

MARCH 16, 2022

At the beginning of the year, I wrote out a list of predictions for 2022 and shared them on LinkedIn (and in Document Imaging Report ). The Infosource analyst team expects the demand for these devices to remain at a high level in 2022. In 2022, we expect subscription sales to surpass perpetual license sales for the first time.

Information capture

Information capture Marketing Digital transformation Cloud

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing

Phishing Financial Services Manufacturing Personal data

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement).

Ransomware

Ransomware Cybersecurity Agriculture Education

8 Interesting Predictions for the Intelligent Information Capture Market in 2022

Info Source

MARCH 16, 2022

At the beginning of the year, I wrote out a list of predictions for 2022 and shared them on LinkedIn (and in Document Imaging Report ). The Infosource analyst team expects the demand for these devices to remain at a high level in 2022. In 2022, we expect subscription sales to surpass perpetual license sales for the first time.

Information capture

Information capture Marketing Digital transformation Cloud

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself. That InfraGard member, who is head of security at a major U.S. Department of Defense.

Sales

Sales Energy and Utilities Communications Data breaches

Spotlight: Traceable CSO Richard Bird on Securing the API Economy

The Security Ledger

APRIL 5, 2023

In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data. What is the fix for API security issues? Read the whole entry. »

Security

Security Digital transformation Financial Services Cloud

The Clock is Ticking for PCI DSS 4.0 Compliance

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

Compliance madhav Tue, 09/19/2023 - 05:17 It is essential for any business that stores, processes, and transmits payment card information to comply with the Payment Card Industry Data Security Standard (PCI DSS). Consumers’ payment data is a compelling target for criminals who continue to circumvent IT security defenses.

Compliance

Compliance Financial Services Data breaches Encryption

5 things to know: IBM Cloud’s mission to accelerate innovation for clients

IBM Big Data Hub

AUGUST 1, 2023

We are bringing the power of foundation models with the availability of a GPU as a service on IBM Cloud offering to help organizations tap into artificial intelligence (AI) in a secured environment while aiming to mitigate third- and fourth-party risk.

Financial Services

Financial Services Computer and Electronics Cloud Digital transformation

The future of fax matters

OpenText Information Management

OCTOBER 18, 2022

Fax in 2022? But fax in 2022 is far from a punch line. It’s an essential part of enterprise communications for industries like healthcare, law, insurance and financial services. Why don’t you just send it over on a dinosaur! Or a carrier pigeon? Honestly, we’ve heard them all.

Insurance

Insurance Financial Services Communications IT

NY DFS Proposes New Class of Entities and More Detailed Regulations in Second Amendment to Cybersecurity Regulations

Data Matters

DECEMBER 6, 2022

On November 9, 2022, the New York Department of Financial Services (DFS) published its proposed second amendment to its cybersecurity regulations (23 NY CRR Part 500). This proposal follows a July 29 pre-proposal and comment period.

Cybersecurity

Cybersecurity Financial Services Privacy IT

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

For example, one domain the gang has used since March 2022 is ushank[.]com financial services firm Ameriprise uses the domain ameriprise.com; the Disneyland Team’s domain for Ameriprise customers is [link] [brackets added to defang the domain], which displays in the browser URL bar as ? Bank customers.

Phishing

Phishing Authentication Financial Services Access

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

You’d therefore expect that the sector fares better at data security than your average organisation. The public data set on the ICO (Information Commissioner’s Office) website shows that data security isn’t necessarily better for financial organisations. What do the statistics say? million (about £4.70

Risk

Risk Data breaches Authentication Financial Services

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

In 2022, LockBit was one of the most active ransomware groups, and its prevalence continued into 2023. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

In securing the arrest of a second Russian national affiliated with the LockBit ransomware, the Department has once again demonstrated the long arm of the law. In November 2022, the U.S. On or about May 27, 2022, the man and his Hive coconspirators allegedly hit a nonprofit behavioral healthcare organization in New Jersey.

Ransomware

Ransomware Agriculture Education Government

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. Like an incident response plan, MFA has become a critical element of cybersecurity programs.

Cybersecurity

Cybersecurity Financial Services Authentication Government

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Krebs on Security

OCTOBER 7, 2022

who in April 2022 opened an investigation into fraud tied to Zelle , the “peer-to-peer” digital payment service used by many financial institutions that allows customers to quickly send cash to friends and family. million of payments in 2021 and the first half of 2022,” the report summarized.

Passwords

Passwords Financial Services IT Phishing

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Security Affairs

MARCH 14, 2022

Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing. Check Host: [link] pic.twitter.com/J9OSdBLnzf — Anonymous (@LiteMods) February 25, 2022. ” reported researchers from Cyble.

Risk

Risk Financial Services Manufacturing Communications

Remcos RAT campaign targets US accounting and tax return preparation firms

Security Affairs

APRIL 16, 2023

The recent campaign exclusively aims at organizations that deal with tax preparation, financial services, CPA and accounting firms, and professional service firms dealing in bookkeeping and tax. Crooks use lures masquerading as tax documentation sent by a client. LNK) files.

Phishing

Phishing Financial Services Education Cybersecurity

CaixaBank CIO Pere Nebot discusses modernizing business operations for an enhanced, customer-centric experience

IBM Big Data Hub

JULY 12, 2023

For years, the bank has been part of IBM’s growing ecosystem of financial institutions and technology partners leveraging IBM Cloud for Financial Services to help deliver more improved customer services and products better tailored to each individual customer’s financial needs.

Digital transformation

Digital transformation Financial Services Cloud Customer Experience

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Security Affairs

SEPTEMBER 29, 2022

The experts were able to enumerate the C2s and targets of multiple distinct Chaos clusters, some of which were employed in recent DDoS attacks against the gaming, financial services and technology, and media and entertainment industries. .” reads the analysis published by Lumen Technologies. ” continues the report. .

Mining

Mining Financial Services IT Security

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured. million files belonging to ICICI Bank. “The

Personal data

Personal data Phishing Risk Financial Services

UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge

Hunton Privacy

DECEMBER 19, 2022

On December 15, 2022, the UK government and the Dubai International Financial Centre Authority (“DIFC”) issued a joint statement on the shared commitment to deepening the UK-DIFC data partnership.

Government

Government Financial Services Personal data Security

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

But Jim has long had a security freeze on his credit file with the three major consumer credit reporting bureaus , and none of the lenders seemed willing to proceed without at least a peek at his credit history. 14, 2022 breach notification letter from tribal lender Mountain Summit Financial. A portion of the Jan.

Financial Services

Financial Services IT Data breaches Authentication

FFIEC Updates Its Cybersecurity Guidelines For Financial Institutions

ForAllSecure

JANUARY 31, 2023

On October 3, 2022, the Federal Financial Institutions Examination Council's ( FFIEC ) updated its 2018 Cybersecurity Resource Guide for Financial Institutions. The guide also serves as an educational resource on the latest security technologies.

Cybersecurity

Cybersecurity IT Financial Services Risk

Collibra Data Intelligence: tackle 2023’s biggest data challenges

Collibra

JANUARY 31, 2023

But a much smaller percentage actually adopt and integrate data intelligence into their decision-making, according to the 2022 Data Intelligence Index. Indeed, the datasphere is forecast to reach 97 zettabytes in 2022 — and double (!) Finally, Collibra is secure. Bolster the security of your data at scale and in the cloud.

Digital transformation

Digital transformation Data Privacy Privacy Cloud

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

However, basic cybersecurity tools and practices, like patching , strong passwords , and multi-factor authentication (MFA), “can prevent 80 to 90% of cyberattacks,” said Anne Neuberger, deputy national security advisor for cyber and emerging technologies, during a White House press conference in Sept. Cyberattack Statistics.

Ransomware

Ransomware Cybersecurity Phishing Encryption

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Also charged with treason was Ruslan Stoyanov , then a senior employee at Russian security firm Kaspersky Lab [the Forbes.ru National Security Agency (NSA). Days after Russia invaded Ukraine in February 2022, a Ukrainian researcher leaked several years of internal chat logs from the Conti ransomware gang. This is not the U.S.

Ransomware

Ransomware Government Cybersecurity Blockchain

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

“As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Passwords Financial Services Manufacturing

Data Protection in Financial Services Week 2022

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Webinars

Trending Sources

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Webinars

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Vermont Enacts Insurance Data Security Law

How Can We Secure The Future of Digital Payments?

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

Akamai prevented the largest DDoS attack on a US financial company

8 Interesting Predictions for the Intelligent Information Capture Market in 2022

Catches of the Month: Phishing Scams for October 2023

Cybersecurity agencies published a joint LockBit ransomware advisory

8 Interesting Predictions for the Intelligent Information Capture Market in 2022

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Spotlight: Traceable CSO Richard Bird on Securing the API Economy

The Clock is Ticking for PCI DSS 4.0 Compliance

5 things to know: IBM Cloud’s mission to accelerate innovation for clients

The future of fax matters

NY DFS Proposes New Class of Entities and More Detailed Regulations in Second Amendment to Cybersecurity Regulations

Disneyland Malware Team: It’s a Puny World After All

Risk Management under the DORA Regulation

Operation Cronos: law enforcement disrupted the LockBit operation

A Russian national charged for committing LockBit Ransomware attacks

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

$8 million penalty to NYDFS – and another case of over-retention

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Remcos RAT campaign targets US accounting and tax return preparation firms

CaixaBank CIO Pere Nebot discusses modernizing business operations for an enhanced, customer-centric experience

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Multinational ICICI Bank leaks passports and credit card numbers

UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge

Scary Fraud Ensues When ID Theft & Usury Collide

FFIEC Updates Its Cybersecurity Guidelines For Financial Institutions

Collibra Data Intelligence: tackle 2023’s biggest data challenges

What is a Cyberattack? Types and Defenses

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Stay Connected