The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

Initially a driving force in financial services for secure transactions, blockchain now faces the challenge of reshaping its image and functionality. As cyber threats grow in sophistication and frequency, regulatory bodies impose stricter cybersecurity standards, compelling organizations to demonstrate compliance and resilience.

Cybersecurity 83

Cybersecurity Blockchain Artificial Intelligence Encryption 83

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. Nevertheless, EyeMed certified its compliance with the Cybersecurity Regulation annually, from 2018-2021.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

eSecurity Planet

APRIL 8, 2021

The ManageEngine IT security portfolio spans everything from privileged access management (PAM) to network configuration to password management. Each solution places a heavy emphasis on auditing and reporting, which is valuable for organizations that are subject to strict compliance regulations. About ManageEngine.

Cloud 52

Cloud Financial Services Compliance Manufacturing 52

Security Affairs

AUGUST 30, 2018

Credit cards that are saved to your profile are encrypted and stored in compliance with security standards set by the payment card industry or PCI standards. At the time it is still unclear the root cause of the Air Canada data breach, the company urges users to reset their passwords.

Data breaches 51

Data breaches IT Passwords Financial Services 51

eSecurity Planet

SEPTEMBER 10, 2021

What compliance requirements does the provider support? Additionally, multi-factor authentication (MFA) can further reduce the risk of malicious actors gaining access to sensitive information, even if they manage to steal usernames and passwords. Double-check your compliance requirements.

Cloud 111

Cloud Security Encryption Risk 111

Data Protection Report

OCTOBER 1, 2019

Private information” is also separately defined to mean user name or e-mail address in combination with the password or security question and answer—without any need for “personal information.”. Biometric information that is used to authenticate or ascertain the individual identity.

Security 40

Security Financial Services Passwords Risk 40

Hunton Privacy

AUGUST 15, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) posted proposed amendments (“Proposed Amendments”) to its Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulations”). As part of the “access privileges” requirements under Section 500.7

Financial Services 55

Financial Services Cybersecurity Risk Passwords 55

Data Protection Report

APRIL 2, 2020

On March 10, 2020, the New York Department of Financial Services (NYDFS) issued guidance to all of its regulated institutions engaged in virtual currency business activity, requiring them to have plans for preparedness to manage the possible operational and financial risks posed by the COVID-19 pandemic.

Risk 59

Risk Communications Authentication Financial Services 59

Data Matters

AUGUST 5, 2019

b) A person or business shall be deemed to be in compliance with paragraph (a) of this subdivision if it either: (i) is a compliant regulated entity as defined in subdivision one of this section; or. (ii) 6) adjusts the security program in light of business changes or new circumstances; and. (C)

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

The Last Watchdog

DECEMBER 6, 2022

Consider that some 80 percent of hacking-related breaches occur because of weak or reused passwords, and that over 90 percent of consumers continue to re-use their intrinsically weak passwords. Authentication systems that leverage machine learning and biometric technology are now ready to replace legacy password-centric technologies.

Authentication 203

Authentication Passwords Artificial Intelligence Financial Services 203

Data Matters

FEBRUARY 25, 2021

The FCA’s stated position under its existing guidance is that the information printed on a card can be used as evidence of possession of a card, alongside use of a knowledge factor (such as a password or onetime passcode). The FCA has provided new guidance for PIs and EMIs using the “insurance or comparable guarantee” method of safeguarding.

Authentication 68

Authentication Paper Risk Insurance 68

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. But even when passwords are secure, it’s not enough. Recently, hackers leaked 87,000 Fortinet VPN passwords , mostly from companies who hadn’t yet patched a two-year-old vulnerability. MFA can be hacked.

Authentication 102

Authentication Passwords Access Computer and Electronics 102

Data Protection Report

MARCH 7, 2024

Will there be some exempt financial transactions? What about due diligence, compliance programs, and recordkeeping? persons subject to the contemplated program employ a risk-based approach to compliance by developing, implementing, and routinely updating a compliance program. What about inter-affiliate transactions?

Access 58

Access Military Compliance Personal data 58

Thales Cloud Protection & Licensing

JANUARY 22, 2024

Modern Authentication: Advanced authentication such as Multifactor Authentication (MFA) is highly effective against account take-overs and attacks, adding extra layers of security by combining something the user knows (a password) with something they have (a mobile device or token) and something they are (biometric data).

Security 77

Security Authentication Passwords Risk 77

Data Protection Report

NOVEMBER 3, 2017

While these Mirai-based attacks were successful in creating extensive outages, the method for gaining control over the IoT devices was relatively straightforward—it relied on using weak or default passwords on these devices. During an Attack.

IoT 40

IoT Communications Risk Passwords 40

eSecurity Planet

FEBRUARY 16, 2021

Ransomware frequently contains extraction capabilities that can steal critical information like usernames and passwords, so stopping ransomware is serious business. This includes active tagging of workloads, threat hunting , and virus assessments, and consistent evaluation of traffic for mission-critical applications, data, or services.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Data Protection Report

AUGUST 11, 2022

On July 29, 2022, the New York Department of Financial Services (NYDFS) announced a “pre-proposed outreach” of material proposed changes to almost every section of its cybersecurity regulations, and would affect each entity covered by the current regulations of 23 NYCRR Part 500. Notifications to DFS. Penalties for Single Failures.

Cybersecurity 58

Cybersecurity Risk Passwords Compliance 58

IT Governance

MARCH 11, 2024

According to a listing on a popular hacking forum, the database includes customers’ names, email addresses, hashed passwords, and more. The claim is yet to be verified. Data breached: 36 million records. In May 2023, it predicted that responding to and recovering from the ransomware attack would cost it £20 million.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

eSecurity Planet

AUGUST 13, 2021

ProDicover offers three products that prioritize computer forensics, incident response, electronic discovery, and corporate policy compliance investigations: Forensics, Incident Response (IR), and ProDiscover Pro. Exterro’s operations are SOC 2 Type 2 certified and FedRAMP Authorized. Magnet Forensics.

e-Discovery 138

e-Discovery Computer and Electronics Marketing Compliance 138

The Last Watchdog

OCTOBER 29, 2019

With DevOps and API advances steamrolling forward, no one has thought to establish the practice of requiring passwords to authenticate users at the API level. Long-run damage Data Theorem has won customers from the financial services and technology sectors that are routinely creating dozens of new APIs per day.

Digital transformation 140

Digital transformation Data breaches Cloud Mining 140

Data Matters

APRIL 23, 2018

The hope is that the strategy outlined herein will help corporate directors and executives who support them ( e.g. , legal, information technology security, privacy, compliance, and audit) make practical use of the various technical guidelines available without misaligning their systems from the broader corporate mission.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

The Last Watchdog

FEBRUARY 25, 2019

“Our customers all have the pain point of wanting to have single sign-on for multiple applications, requiring capabilities like self-service and self-registration,” Curcio told Last Watchdog. Meeting compliance. Compliance became a huge driver for governance and attestation,” Curcio said. “It

Access 169

Access Government Authentication Data breaches 169

IT Governance

JANUARY 16, 2024

GB database includes names, email addresses, phone numbers and passwords. Al Mujtama Pharmacy allegedly breached, more than 7 million records affected More than 7 million data records belonging to the Saudi pharmacy Al Mujtama have reportedly been published on an underground forum. Data breached: >7,000,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

eSecurity Planet

JANUARY 11, 2022

Open Raven is committed to data security visibility and compliance for the cloud and brings much cybersecurity industry experience to the table. SECURITI’s solutions help organizations secure data while automating privacy and compliance using AI and machine learning tactics. Also read: SBOMs: Securing the Software Supply Chain.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Reltio

MARCH 31, 2019

If you missed this event, check out the video presentations here to get the latest buzz in the data management industry (Login: dd19@reltio.com | Password: berightfaster). A future where modern MDM empowers enterprises to democratize and monetize insights, by unlocking value from data with AI-powered relationship-driven analytics.

MDM 40

MDM Digital transformation Analytics Cloud 40