Access, Financial Services, Government and Security

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

IBM Big Data Hub

APRIL 4, 2024

This leaves many organizations hesitant to make the transition, fearing they will lose the control and security they have with their on-prem environments. A third-party investment review, where the ISV provides a bill of material showing what and how services are being used to meet compliance requirements, along with price points.

Financial Services

Financial Services Cloud Compliance Digital transformation

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. c)); – monitor privileged access activity by implementing a privileged access management (“PAM”) solution, and automatically blocking commonly used passwords (500.7(c));

Financial Services

Financial Services Cybersecurity Compliance Government

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor

Thales Cloud Protection & Licensing

AUGUST 31, 2022

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor. However, all this attention from cyber criminals, as well as regulators and governments, has produced an extremely resilient industry with some of the best cyber security practices of any sector. Thu, 09/01/2022 - 05:15.

Financial Services

Financial Services Cybersecurity Computer and Electronics Cloud

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Any cybersecurity event that affects a third-party service provider that also affects the covered entity. Multifactor Authentication.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. Going forward, businesses need to fill these gaps with the right solutions to manage critical information assets securely and effectively.

Financial Services

Financial Services Insurance Digital transformation Paper

Putting data storage at the forefront of cloud security

IBM Big Data Hub

NOVEMBER 7, 2023

Recent advances in areas like AI and quantum computing offer transformative potential for businesses, but may also bring new risks and security challenges. IBM is working to address these challenges and evolving threats by helping organizations support highly secure, resilient and durable storage through technology like Cloud Object Storage.

Cloud

Cloud Financial Services Security Compliance

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR (among other legal requirements in the EU and elsewhere) can expose multinational organizations to hefty financial penalties, additional rules for disclosing data breaches, and increased scrutiny of the adequacy of their data security.

Data Privacy

Data Privacy Compliance Privacy Security

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Artificial Intelligence

Delivering security and scalability in today’s business landscape requires more than setting up a front line of defense

IBM Big Data Hub

DECEMBER 14, 2023

The stakes are especially high for organizations in highly regulated industries because they can be exploited through their digital supply chain, giving hackers access to consumers’ valuable and sensitive data. A cybersecurity strategy is not solely about managing risk across a business’ IT infrastructure.

Cloud

Cloud Security Data breaches Cybersecurity

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Some patients also had their Social Security numbers exposed.”

Data Privacy

Data Privacy Privacy Security Data breaches

Central Bank Digital Currency (CBDC) and blockchain enable the future of payments

IBM Big Data Hub

AUGUST 17, 2023

Some time ago, banks and governments started shifting their attention towards using digital assets in their operations and economies. Banks and governments are actively seeking CBDC because it is a more secure alternative to crypto. Blockchain technology is characterized by its transparency, security and immutability.

Blockchain

Blockchain Financial Services Risk Authentication

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. This is an important public action by the U.S. and Russia in Ukraine.

Cybersecurity

Cybersecurity Financial Services Authentication Government

An introduction to Wazi as a Service

IBM Big Data Hub

NOVEMBER 14, 2023

.” This cloud-native development and testing environment for z/OS applications is revolutionizing the modernization process by enabling secure DevSecOps practices. The platform can be automated through a standardized framework validated for Financial Services, leveraging the IBM Cloud Security and Compliance Center service (SCC).

Financial Services

Financial Services Cloud Compliance Digital transformation

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre. The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. ” reads the update published by the company.

Data breaches

Data breaches Financial Services Ransomware Government

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

IBM Big Data Hub

JANUARY 10, 2024

Hybrid cloud has become the dominant approach for enterprise cloud strategies , but it comes with complexity and concerns over integration, security and skills. Hybrid cloud is also forcing a significant rethinking of how to secure and protect data and assets.

Security

Security Cloud Data Privacy Financial Services

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

According to the report released by Resecurity, a Los Angeles-based company protecting Fortune 500 and governments worldwide, the attack against ICBC may be a precursor for significant malicious cyber activity against global financial system. LockBit specifically targeted ICBC Financial Services (ICBC FS), a wholly owned U.S.

Ransomware

Ransomware Financial Services Marketing Government

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud

Cloud Financial Services Compliance Digital transformation

FCA sets out plans to make Big Tech a priority and provides update on its approach to AI

Data Protection Report

APRIL 23, 2024

The speech: key points As part of his speech, Mr Rathi explained that the FCA plans to examine how Big Tech firms’ unique access to large sets of data could unlock better products, more competitive prices and wider choice for consumers and businesses. The FCA also sets out its next steps.

Financial Services

Financial Services IT Marketing Retail

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. First American Financial Corp.

Insurance

Insurance Risk Financial Services Mining

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

The IBM 2023 Cost of a Data Breach Report , for example, highlights the continuous financial burden on retailers, which, coupled with potential reputational damage, emphasizes the dire need for retailers to prioritize and bolster their cybersecurity measures. Behind every system, software, and security protocol stands a human being.

Retail

Retail Cybersecurity Financial Services Encryption

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

JULY 5, 2023

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. As described below, senior governing bodies would have new oversight responsibilities under the amendments.

Cybersecurity

Cybersecurity IT Compliance Financial Services

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

Beyond these economic effects, the rules have important data security benefits. The CFPB’s rules align with a key security idea: the decoupling principle. When you get a car loan or a house mortgage, that information, along with your Social Security number and other sensitive data, is also shared with unknown third parties.

Financial Services

Financial Services Privacy Personal data Marketing

Papua New Guinea ‘s finance ministry was hit by a ransomware

Security Affairs

OCTOBER 29, 2021

A ransomware attack hit Papua New Guinea ‘s finance ministry and disrupted government payments and operations. Government officials confirmed that Papua New Guinea’s finance ministry was hit by a ransomware attack that disrupted government payments and operations. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Financial Services Government Data breaches

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. In addition, 95 percent of survey respondents confirmed that they are extremely to moderately concerned about public cloud security. What is cloud security?

Cloud

Cloud Security Encryption Risk

OCR Labs exposes its systems, jeopardizing major banking clients

Security Affairs

APRIL 6, 2023

A digital identification tool provided by OCR Labs to major banks and government agencies leaked sensitive credentials, putting clients at severe risk. Its services are used by companies and financial institutions including BMW, Vodafone, the Australian government, Westpac, ANZ, HSBC, and Virgin Money.

IT

IT Financial Services Access Risk

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

NEW TECH: Cequence Security deploys defense against botnets’ assault on business logic

The Last Watchdog

MARCH 26, 2019

Pick any company in any vertical – financial services, government, defense, manufacturing, insurance, healthcare, retailing, travel and hospitality – and you’ll find employees, partners, third-party suppliers and customers all demanding remote access to an expanding menu of apps — using their smartphones and laptops.

Security

Security Digital transformation Financial Services Risk

Collibra and Amazon Web Services (AWS) partnership reaches new heights

Collibra

JULY 14, 2023

Today, we’re excited to announce we’ve attained two new AWS Competencies under the AWS Competency Program: the Data and Analytics Competency, and the Government Competency. Collibra takes immense pride in achieving the AWS Data and Analytics Competency and the AWS Government Competency.

Analytics

Analytics Government Metadata Financial Services

Cuba Ransomware received over $60M in Ransom payments as of August 2022

Security Affairs

DECEMBER 2, 2022

Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. Third-party and open-source reports have identified a possible link between Cuba ransomware actors, RomCom Remote Access Trojan (RAT) actors, and Industrial Spy ransomware actors.”

Ransomware

Ransomware Financial Services Manufacturing Phishing

SHARED INTEL: Poll highlights the urgency to balance digital resiliency, cybersecurity

The Last Watchdog

SEPTEMBER 21, 2022

Yet, with all these changes, the specter of security breaches remains high. This explains the rise and popularity of Zero Trust as a framework for securing networks in these new realities as an effective tool to drive cybersecurity initiatives within the entire enterprise. and Eastern Europe, which favor public cloud.

Cybersecurity

Cybersecurity Digital transformation Cloud Financial Services

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Thales Cloud Protection & Licensing

APRIL 29, 2024

Comprehensive cybersecurity legislation is imperative to build and maintain confidence in the future and ensure a secure digital landscape. When enforced, the regulation will mandate manufacturers to prioritize security from the design stage and throughout the product's entire lifecycle.

Compliance

Compliance Cybersecurity Risk Manufacturing

IBM Cloud delivers enterprise sovereign cloud capabilities

IBM Big Data Hub

FEBRUARY 22, 2024

IBM’s Enterprise Cloud for Regulated Industries Building on our expertise working with enterprise clients in industries such as financial services, government, healthcare and telco, we saw the need for a cloud platform designed with the unique needs of these heavily regulated industries in mind.

Cloud

Cloud Computer and Electronics Compliance Financial Services

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

JULY 1, 2021

Financial services giant Intuit this week informed 1.4 Intuit says the change is tied to an “exciting” and “free” new service that will let millions of small business employees get easy access to employment and income verification services when they wish to apply for a loan or line of credit.

Financial Services

Financial Services Government Authentication IT

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

The Last Watchdog

DECEMBER 6, 2018

Businesses at large would do well to model their data collection and security processes after what the IC refers to as the “intelligence cycle.” This cycle takes a holistic approach to detecting and deterring external threats and enforcing best-of-class data governance procedures. infrastructure from cyber attacks.

Security

Security Financial Services Manufacturing Data collection

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

DLA Piper Privacy Matters

APRIL 20, 2021

This introduces a data lifecycle security framework, and represents the key guideline for handling personal and other financial information by financial institutions (i.e. similar to the PIS Specification, but focused on the banking and financial services industry). Level 3: personal financial information.

Compliance

Compliance Security Financial Services Data collection

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

Microsoft’s Defender team, FS-ISAC , ESET , Lumen’s Black Lotus Labs , NTT , and Broadcom’s cyber-security division Symantec joint the forces and announced today a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet. ” reads the post published by Microsoft.

Security

Security Financial Services Ransomware Access

Tackling Data Sovereignty with DDR

Security Affairs

JUNE 20, 2023

Those who fail to take a proactive approach to secure their data often learn the hard way how vulnerable – and valuable – that data can be. Data sovereignty plays a crucial role in a robust security strategy. DDR in Cybersecurity Data sovereignty has a profound impact on cybersecurity.

Compliance

Compliance Cybersecurity Risk Encryption

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Third-party governance.

Compliance

Compliance Risk Government Retail

Microsoft: Russia-linked SolarWinds hackers breached three new entities

Security Affairs

JUNE 26, 2021

Threat actors carried out brute-force and password spraying attacks in an attempt to gain access to Microsoft customer accounts. Most of the targeted organizations are IT companies (57%), followed by government organizations (20%). The hackers also targeted non-governmental organizations and think tanks, as well as financial services.

Financial Services

Financial Services Access Authentication Passwords

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

Security Affairs

MARCH 8, 2022

. “As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” reads the FBI’s flash alert.

Ransomware

Ransomware Passwords Financial Services Manufacturing

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

The Last Watchdog

APRIL 3, 2019

Identity governance and administration, or IGA , has suddenly become a front-burner matter at many enterprises. Related: Identity governance issues in the age of digital transformation. I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this.

Digital transformation

Digital transformation Insurance Compliance Healthcare

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Webinars

Trending Sources

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor

Webinars

NYDFS Amends Cybersecurity Rules for Financial Services Companies

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Putting data storage at the forefront of cloud security

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Security Compliance & Data Privacy Regulations

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Delivering security and scalability in today’s business landscape requires more than setting up a front line of defense

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

Central Bank Digital Currency (CBDC) and blockchain enable the future of payments

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

An introduction to Wazi as a Service

Nissan Oceania data breach impacted roughly 100,000 people

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

FCA sets out plans to make Big Tech a priority and provides update on its approach to AI

First American Financial Pays Farcical $500K Fine

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

CFPB’s Proposed Data Rules

Papua New Guinea ‘s finance ministry was hit by a ransomware

Top 12 Cloud Security Best Practices for 2021

OCR Labs exposes its systems, jeopardizing major banking clients

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

NEW TECH: Cequence Security deploys defense against botnets’ assault on business logic

Collibra and Amazon Web Services (AWS) partnership reaches new heights

Cuba Ransomware received over $60M in Ransom payments as of August 2022

SHARED INTEL: Poll highlights the urgency to balance digital resiliency, cybersecurity

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

IBM Cloud delivers enterprise sovereign cloud capabilities

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

GUEST ESSAY: 5 security steps all companies should adopt from the Intelligence Community

$8 million penalty to NYDFS – and another case of over-retention

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

Microsoft partnered with other security firms to takedown TrickBot botnet

Tackling Data Sovereignty with DDR

Top 10 Governance, Risk and Compliance (GRC) Vendors

Microsoft: Russia-linked SolarWinds hackers breached three new entities

Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

Stay Connected