Krebs on Security

JANUARY 25, 2022

Although he didn’t technically have an account with MSF, their authentication system is based on email addresses, so Jim requested that a password reset link be sent to his email address. MSF said the personal information involved in this incident may have included name, date of birth, government-issued identification numbers (e.g.,

Financial Services 223

Financial Services IT Data breaches Passwords 223

IBM Big Data Hub

FEBRUARY 5, 2024

The Digital Operational Resilience Act (DORA) marks a significant milestone in the European Union’s (EU) efforts to bolster the operational resilience of the financial sector in the digital age. Article 7 of the draft RTS delves into cryptographic key management, emphasizing the importance of lifecycle management for cryptographic keys.

Encryption 67

Encryption Data Privacy Compliance Cloud 67

eSecurity Planet

JUNE 16, 2022

However, basic cybersecurity tools and practices, like patching , strong passwords , and multi-factor authentication (MFA), “can prevent 80 to 90% of cyberattacks,” said Anne Neuberger, deputy national security advisor for cyber and emerging technologies, during a White House press conference in Sept. Other methods.

Ransomware 145

Ransomware Cybersecurity Phishing Encryption 145

Hunton Privacy

AUGUST 15, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) posted proposed amendments (“Proposed Amendments”) to its Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulations”). As part of the “training and monitoring” requirements under Section 500.14 Additional Requirements.

Financial Services 55

Financial Services Cybersecurity Risk Passwords 55

Thales Cloud Protection & Licensing

DECEMBER 4, 2019

While this event is still considered one of the most grandiose thefts, financial institutions today collectively face digital attacks that easily rival it. Theft and other data security incidents cost financial institutions millions of dollars and result in more consumer records being lost or stolen, year after year.

Financial Services 22

Financial Services Encryption Cloud Digital transformation 22

HL Chronicle of Data Protection

MARCH 14, 2019

The plan must enable FIs to promptly respond to and recover from security events affecting customer information. It must also address the goals of the plan, internal processes for responding to a security event, and documentation and reporting regarding security events and related incident response activities. Board reporting.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

Thales Cloud Protection & Licensing

JULY 24, 2018

The 57 percent rate statistic is the highest of all verticals we measured in this year’s report (others include the healthcare industry, the retail industry, and the financial services industry) or any region surveyed. More so than commercial enterprises, government agencies are making a massive shift to the cloud.

Encryption 48

Encryption Cloud Data breaches Government 48

DLA Piper Privacy Matters

JULY 30, 2019

Beyond data breach notification laws relating to personal information, the covered entity and service provider’s rights and obligations relating to cyber incidents are often defined by contract. At least nine states expressly extend these requirements to service providers.

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

ForAllSecure

JANUARY 19, 2022

To use a service, we enter our user name and a password. But this method of authentication is flawed; either hashed or hashed and salted, usernames and passwords can still be stolen and reused. It seems to me that that's where we get into multi factor authentication, that the composite if different forms of ID tells someone who we are.

Passwords 52

Passwords Authentication Access Data breaches 52

eSecurity Planet

MARCH 26, 2021

While ransomware attacks have become a ubiquitous event these days, what makes this attack distinctive is the ransom demand itself. . This vulnerability allows an attacker to make an untrusted connection to Exchange server port 443, allowing them to send arbitrary HTTP requests and authenticate as the Exchange server.

Ransomware 57

Ransomware Authentication Financial Services Military 57

Data Protection Report

AUGUST 11, 2022

On July 29, 2022, the New York Department of Financial Services (NYDFS) announced a “pre-proposed outreach” of material proposed changes to almost every section of its cybersecurity regulations, and would affect each entity covered by the current regulations of 23 NYCRR Part 500. Governance. The Proposed Regulation Changes.

Cybersecurity 59

Cybersecurity Risk Passwords Compliance 59

eSecurity Planet

AUGUST 13, 2021

Since the inception of data forensics almost forty years ago, methods for investigating security events have given way to a market of vendors and tools offering digital forensics software (DFS). Added features include GPS and smartphone tracking, internet history analysis, image recovery and authentication, and chip-off analysis.

e-Discovery 139

e-Discovery Computer and Electronics Marketing Compliance 139

Hunton Privacy

JUNE 12, 2017

Department of Health and Human Services’ Office for Civil Rights (“OCR”) and the Health Care Industry Cybersecurity Task Force (the “Task Force”) have published important materials addressing cybersecurity in the health care industry. lists key steps that an organization must undertake in the event of a cyber attack. What do we do now?,”

Cybersecurity 45

Cybersecurity Computer and Electronics Education Financial Services 45

eSecurity Planet

MAY 27, 2021

Security information and event management SIEM Splunk IBM. Kaspersky has been dogged by ties to the Russian government to the point we felt obligated to inform readers of the best alternatives to Kaspersky. Since 2009, Okta has been a thought leader in the access, authentication, and authorization space. XM Cyber Platform.

Security 117

Security Cloud Analytics Access 117

eSecurity Planet

JUNE 1, 2021

“From there, the actor was able to distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file used to distribute a backdoor we call NativeZone,” Tom Burt, corporate vice president of customer security and trust at Microsoft, wrote in a blog post late last week.

Phishing 70

Phishing Cybersecurity Government Authentication 70