Communications, Exercises, Financial Services and Security

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. Create, Maintain, and Exercise a Cyber Incident Response, Resilience, and Continuity of Operations Plan.

Cybersecurity

Cybersecurity Financial Services Authentication Government

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Data Protector

JANUARY 29, 2017

And also, what standard of evidence is necessary to be generated, just in case privacy regulators exercise their Article 30(4) right to request it. Outside the communications sector, how much interest, or formal enforcement action, has ever been taken against data controllers with regard to breaches of the Fifth Data Protection Principle?

GDPR

GDPR Privacy Compliance Personal data

“Am I a CII operator?” – New regulation in China provides more clarity

Data Protection Report

AUGUST 18, 2021

China’s Cyber Security Law ( CSL ), enacted in 2016, requires operators of critical information infrastructure ( CII ) to follow a number of enhanced security obligations, including storing within China all personal information and important data collected or generated during their operations in China. Scope and identification of CII.

Financial Services

Financial Services Data collection Security Communications

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs

Hunton Privacy

AUGUST 15, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) posted proposed amendments (“Proposed Amendments”) to its Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulations”). As part of the “training and monitoring” requirements under Section 500.14 Additional Requirements.

Financial Services

Financial Services Cybersecurity Risk Passwords

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

Of particular concern to state-level policymakers and enforcement authorities are business practices that in their view may contribute to security incidents. The insurance industry has not been immune from such scrutiny, and the imposition of business practice requirements intended to enhance cybersecurity sector-wide.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Discovery of New Internet of Things (IoT) Based Malware Could Put a New Spin on DDoS Attacks

Data Protection Report

NOVEMBER 3, 2017

This prevents authorized users from being able to use or access the services being provided via the attacked servers. As with any potential security incident, effective planning can help reduce or eliminate some of the potential business harms and legal consequences of a DDoS attack before an attack occurs. Before an Attack.

IoT

IoT Communications Risk Passwords

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

Companies in the financial services, technology, airline and hotel industries are among those that could face substantial compliance obligations. The data privacy officer will also be the communication link between Data Protection Commissioner and the data controller or data processor on issues relating to data processing.

Personal data

Personal data GDPR Data Privacy Privacy

Rock the Blockchain: Thales and DigiCert Secure the Data

Thales Cloud Protection & Licensing

SEPTEMBER 15, 2021

Rock the Blockchain: Thales and DigiCert Secure the Data. It’s a staggering statistic, but 39% of companies are still not using robust data security measures. With risks so high, what is the hold up on implementing security? Are Distributed Ledger Technologies the Answer to Securing Data? Thu, 09/16/2021 - 05:31.

Blockchain

Blockchain Security Authentication Compliance

CISA issues proposed rules for cyber incident reporting in critical infrastructure

Data Protection Report

APRIL 9, 2024

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which imposes new reporting requirements for entities operating in critical infrastructure sectors.

Ransomware

Ransomware Agriculture Cybersecurity Government

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

DLA Piper Privacy Matters

MARCH 4, 2021

Security vulnerabilities including hacking, unauthorised access, malware, phishing and ransomware attacks totalled 462 breach notifications. The DPC recommends that organisations: undertake periodic reviews of their IT security measures; implement a comprehensive training plan for employees; and. Financial Services Sector Focus.

GDPR

GDPR Compliance Data breaches Marketing

Living in a data sovereign world

IBM Big Data Hub

OCTOBER 16, 2023

Digital sovereignty revolves around a value-driven, ordered, regulated and secure digital destination for all data, hardware and software, infrastructure components and application operations. Data sovereignty addresses legal, privacy, security and governance concerns associated with the storage, processing and transfer of data.

Cloud

Cloud Compliance Data Privacy Privacy

NYDFS proposes significant cybersecurity regulation amendments

Data Protection Report

AUGUST 11, 2022

On July 29, 2022, the New York Department of Financial Services (NYDFS) announced a “pre-proposed outreach” of material proposed changes to almost every section of its cybersecurity regulations, and would affect each entity covered by the current regulations of 23 NYCRR Part 500.

Cybersecurity

Cybersecurity Risk Passwords Compliance

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

ForAllSecure

APRIL 19, 2023

So an operating system provides a few basic services to an application file structure, Inter Process communications between different processes, indications in and out of the file system like TCP in and out of the machine like TCP IP, something like that. All kinds of security protections, different things. Great question.

Analytics

Analytics Communications Computer and Electronics Cybersecurity

Mexico Issues Cookie and Web Beacon Rules and Privacy Notice Requirements

Hunton Privacy

FEBRUARY 12, 2013

The communication or announcement must be provided at the moment the user interacts with the mechanism ( e.g. , the moment the user visits the website), and it must take place outside the privacy notice.

Privacy

Privacy Personal data Data collection Financial Services

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

The Data Strategy proposed the establishment of nine common European data spaces for data sharing and pooling, including health, mobility, manufacturing, financial services, energy, and agriculture. The EC’s Data Strategy sets out a vision of common European data spaces, a Single Market for data.

Government

Government Personal data Marketing Artificial Intelligence

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

Data Matters

MAY 17, 2022

Two months later, on July 19, 2021, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and FBI assessed that People’s Republic of China state-sponsored malicious cyber activity is a major threat to U.S. and Allied cyberspace assets. supply chain attacks). More recently, on Feb.

Cybersecurity

Cybersecurity Government Authentication Ransomware

The Hacker Mind: MITRE ATT&CK Evaluations

ForAllSecure

MAY 4, 2021

In this episode, Frank Duff, Director of ATT&CK Evaluations for MITRE Engenuity, talks about how both red and blue teams can directly benefit from ATT&CK, and how organizations -- and even some security vendors -- are now evaluating their solutions against it. government agencies. government agencies. Yeah, great but what does it do?

Government

Government IT Access Analytics

The Hacker Mind: MITRE ATT&CK Evaluations

ForAllSecure

MAY 4, 2021

In this episode, Frank Duff, Director of ATT&CK Evaluations for MITRE Engenuity, talks about how both red and blue teams can directly benefit from ATT&CK, and how organizations -- and even some security vendors -- are now evaluating their solutions against it. government agencies. government agencies. Yeah, great but what does it do?

Government

Government IT Access Analytics

Information Management Today

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Webinars

Trending Sources

“Am I a CII operator?” – New regulation in China provides more clarity

Webinars

Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Discovery of New Internet of Things (IoT) Based Malware Could Put a New Spin on DDoS Attacks

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Rock the Blockchain: Thales and DigiCert Secure the Data

CISA issues proposed rules for cyber incident reporting in critical infrastructure

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

Living in a data sovereign world

NYDFS proposes significant cybersecurity regulation amendments

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

Mexico Issues Cookie and Web Beacon Rules and Privacy Notice Requirements

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

The Hacker Mind: MITRE ATT&CK Evaluations

The Hacker Mind: MITRE ATT&CK Evaluations

Stay Connected