2024, Access, Financial Services and Government

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. Additional changes to required policies and procedures will not begin to take effect until April 2024 and rolling thereafter.

Financial Services

Financial Services Cybersecurity Compliance Government

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business madhav Thu, 12/21/2023 - 05:15 People always want to comprehend what the future brings. 2024 promises to be a pivotal year, bringing transformative advancements and new challenges in tech and cybersecurity. The same is true for today’s business leaders.

Cybersecurity

Cybersecurity Blockchain Artificial Intelligence Encryption

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Thales Cloud Protection & Licensing

APRIL 29, 2024

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders madhav Tue, 04/30/2024 - 05:32 Trust is the currency of the digital economy. The Thales 2024 Trust Index report indicates that 87% of consumers expect vendors to respect their digital rights, which leads to trusted relationships. Like DORA, PCI DSS 4.0

Compliance

Compliance Cybersecurity Risk Manufacturing

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

2024 was not a happy new year for Genesis Global Trading, Inc. (“GGT”). Companies should focus on establishing and implementing a reasonable information governance policy and record retention schedule with special emphasis on documents that contain personal information. This post will focus on the cybersecurity regulation issues. (For

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

FCA sets out plans to make Big Tech a priority and provides update on its approach to AI

Data Protection Report

APRIL 23, 2024

On 22 April 2024, the Financial Conduct Authority ( FCA ) published a speech by its chief executive, Nikhil Rathi, entitled ‘Navigating the UK’s Digital Regulation Landscape: Where are we headed?’. The FCA also sets out its next steps.

Financial Services

Financial Services IT Marketing Retail

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

It is not known how long the database was publicly available, nor whether anyone else accessed it. In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. Key dates 31 March 2024 – PCI DSS v4.0 of the Standard.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

As we look ahead to 2024, enterprises around the world are undoubtedly evaluating their progress and creating a growth plan for the year to come. IBM Cloud Hyper Protect Crypto Services offers “keep your own key” encryption capabilities, designed to allow clients exclusive key control and help address privacy needs.

Cloud

Cloud Financial Services Compliance Digital transformation

NYDFS finalizes cybersecurity rule amendments

Data Protection Report

NOVEMBER 2, 2023

On November 1, 2023, the New York Department of Financial Services (NYDFS) finalized the second amendment to its cybersecurity regulations, which are available here. c)), or Monday, April 29, 2024. NYDFS stated: The Department has revised the language of § 500.17(a) Most changes will take effect in 180 days (500.22(c)),

Cybersecurity

Cybersecurity Compliance Financial Services Government

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

Perhaps even more concerning to EU lawmakers is how dependent society at large is on banking and other financial services. In turn, financial institutions heavily depend on ICT to be able to provide those services to begin with. Simply losing access to an asset, for example, can be just as problematic.

Risk

Risk Data breaches Authentication Financial Services

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

IT Governance

JANUARY 16, 2024

GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St. Source (New) Real estate USA Yes 10 GB Unitex Source (New) Manufacturing USA Yes 9.5

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

Microsoft gives all businesses access to AI-powered Office features When Microsoft launched Copilot for Office 365 in November 2023, it required enterprise customers to have at least 300 users. Subscribe now The post The Week in Cyber Security and Data Privacy: 15 – 21 January 2024 appeared first on IT Governance UK Blog.

Data Privacy

Data Privacy Privacy Manufacturing Retail

CISA issues proposed rules for cyber incident reporting in critical infrastructure

Data Protection Report

APRIL 9, 2024

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which imposes new reporting requirements for entities operating in critical infrastructure sectors.

Ransomware

Ransomware Agriculture Cybersecurity Government

California Seeks to Regulation Employer Use of AI

Hunton Privacy

FEBRUARY 28, 2024

As reported on the Hunton Employment & Labor Perspectives blog , on February 15, 2024, California lawmakers introduced the bill AB 2930. AB 2930 aims to prevent algorithmic discrimination through impact assessments, notice requirements, governance programs, policy disclosure requirements and providing for civil liability.

Artificial Intelligence

Artificial Intelligence Government Risk Financial Services

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

million to settle a complaint alleging that the home security camera company Ring “allowed employees and contractors to access consumers’ private videos and failed to implement security protections, enabling hackers to take control of consumers’ accounts, cameras, and videos”. iSharing is used by more than 35 million users.

Data Privacy

Data Privacy Privacy Manufacturing Security

How better key management can close cloud security gaps troubling US government

Thales Cloud Protection & Licensing

FEBRUARY 28, 2024

How better key management can close cloud security gaps troubling US government madhav Thu, 02/29/2024 - 05:38 In my first blog on this topic I noted a Treasury Department report released last year listed six cloud security challenges financial sector firms face. This hack included US Government networks.

Cloud

Cloud Government Encryption Security

Keeping Customer Data Safe: AI's Privacy Paradox

Thales Cloud Protection & Licensing

MARCH 14, 2024

Keeping Customer Data Safe: AI's Privacy Paradox andrew.gertz@t… Thu, 03/14/2024 - 17:38 AI's appeal lies in its ability to personalize and streamline customer experiences in ways previously unimaginable. This finding is backed up by the Thales 2024 Consumer Digital Trust Index, “Building Digital Experiences that Enhance Consumer Trust.”

Privacy

Privacy Data Privacy Analytics Risk

Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Security

Security Ransomware Data breaches Phishing

Information Management Today

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Trending Sources

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

$8 million penalty to NYDFS – and another case of over-retention

FCA sets out plans to make Big Tech a priority and provides update on its approach to AI

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

NYDFS finalizes cybersecurity rule amendments

Risk Management under the DORA Regulation

More details about Operation Cronos that disrupted Lockbit operation

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

CISA issues proposed rules for cyber incident reporting in critical infrastructure

California Seeks to Regulation Employer Use of AI

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

How better key management can close cloud security gaps troubling US government

Keeping Customer Data Safe: AI's Privacy Paradox

Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected