The Last Watchdog

JUNE 3, 2022

Lots of innovation has come down the pike with respect to imbuing zero trust into two pillars of security operations: connectivity and authentication. Votiro’s new cloud services fit as a pillar of zero trust that is now getting more attention: directly protecting digital content in of itself. But that needs to change, he says.

Unstructured data 272

Unstructured data Cloud Authentication Digital transformation 272

IT Governance

NOVEMBER 6, 2023

When MOVEit was hacked by the Russian Cl0p ransomware gang in May, email addresses and links to government employee surveys were compromised. Most documents date from 2019 and 2020, and contain Social Security numbers, employees’ salaries, birthdates, addresses, phone numbers and other personal data. Boeing is “assessing the claim”.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Hunton Privacy

AUGUST 15, 2022

Covered entities must undergo annual penetration testing by a qualified independent party, as well as regular vulnerability assessments, and material gaps found during testing must be documented and reporting to the senior governing body. The risk assessments required by Section 500.9

Financial Services 55

Financial Services Cybersecurity Risk Passwords 55

Data Protection Report

AUGUST 11, 2022

Covered entities must also periodically test their incident response plans (including “disruptive events such as ransomware,” which NYDFS specifically would require) and their ability to restore systems from backups. Companies would need to maintain backups that are isolated from network connections. Asset inventories and Access Controls.

Cybersecurity 58

Cybersecurity Risk Passwords Compliance 58