Compliance, Financial Services and Training - Information Management Today

Defending Financial Services Against Fraud in a Shifting Cyber Landscape

Thales Cloud Protection & Licensing

NOVEMBER 13, 2023

Defending Financial Services Against Fraud in a Shifting Cyber Landscape sparsh Tue, 11/14/2023 - 05:05 As we approach International Fraud Awareness Week during 12-18 November 2023, taking stock of the evolving threat landscape and the vulnerabilities that financial services organizations face is crucial.

Financial Services

Financial Services Blockchain Encryption Cloud

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Last Watchdog

FEBRUARY 11, 2024

Related: The case for augmented reality training Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate , especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams.

Risk

Risk IT Financial Services Cybersecurity

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. In particular, the new rules provide that the CISO and the highest-ranking executive of the covered entities must file annually a notice of compliance with the NYDFS (500.17(b)(2)).

Financial Services

Financial Services Cybersecurity Compliance Government

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. See the Top Governance, Risk and Compliance (GRC) Tools.

Data Privacy

Data Privacy Compliance Privacy Security

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

DLA Piper Privacy Matters

AUGUST 8, 2023

Regular training and periodic audits shall be conducted to ensure the effectiveness of data security measures in place. In general, the compliance obligations of a Data Handler processing Regulated Data at level three or above are significantly heavier the others.

Financial Services

Financial Services Personal data Compliance Data collection

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. On top of the time it requires, it can also expose organizations to security and compliance risks and increase the likelihood of human error.

Financial Services

Financial Services Insurance Digital transformation Paper

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. The proposed amendments revise several aspects of the draft Cybersecurity Rule amendments released on July 29, 2022. Revised Definition of Class A Companies.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

The compliance challenges of hybrid working

IT Governance

AUGUST 26, 2021

A new approach to work requires careful consideration – and one of your biggest concerns should be your compliance posture. This might be fine if your only concern is productivity, but if you also have regulatory compliance challenges, you may feel compelled to install such software. Protecting employees’ privacy.

Compliance

Compliance Data breaches Privacy Risk

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks

HL Chronicle of Data Protection

APRIL 17, 2020

Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic. Third Party Risk. Third-party vendors may struggle to deal with COVID-19 restrictions.

Financial Services

Financial Services Risk Cybersecurity Phishing

NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. For certain other requirements, regulated entities will have between one and two years to reach compliance.

Cybersecurity

Cybersecurity IT Compliance Financial Services

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. This includes not only recruitment of those with cybersecurity experience and skills but a commitment by insurers to these employees’ training and development so as to “properly understand and evaluate cyber risk.”. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

The Last Watchdog

JULY 11, 2023

Conduct employee training and awareness programs. Investing in comprehensive employee training and awareness programs is essential for a security-conscious environment. Active awareness of security developments allows for adaptable strategies in addressing emerging risks and effectively protecting investor data.

IT

IT Encryption Risk Financial Services

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud

Cloud Financial Services Compliance Digital transformation

5 things to know: IBM Cloud’s mission to accelerate innovation for clients

IBM Big Data Hub

AUGUST 1, 2023

We are bringing the power of foundation models with the availability of a GPU as a service on IBM Cloud offering to help organizations tap into artificial intelligence (AI) in a secured environment while aiming to mitigate third- and fourth-party risk.

Financial Services

Financial Services Computer and Electronics Cloud Digital transformation

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

Vermont Enacts Insurance Data Security Law

Hunton Privacy

JUNE 9, 2022

Licensees must annually certify their compliance with these information security program requirements in writing to the Vermont Deputy Commissioner of Insurance (the “Commissioner”) by April 15 and maintain records supporting the certification for five years. Cybersecurity Event Investigation and Notification Requirements.

Insurance

Insurance Security Information Security Cybersecurity

The aftermath of an incident – business considerations surrounding record-keeping

Data Protection Report

AUGUST 2, 2022

Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries. In this post we discuss the operational advantages of a good privacy breach record-keeping program. Risk management and mitigation. M&A and Securities law.

Compliance

Compliance Privacy Risk Financial Services

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Compliance management.

Compliance

Compliance Risk Government Retail

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

Likewise, the New York State Department for Financial Services regulations requires relevant entities to have appropriate record retention policies and procedures. A policy or standard needs to be set, which is then explained by training and is measured. In the U.S., How do you build an effective information governance program?

Privacy

Privacy Compliance Personal data Risk

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

The IBM 2023 Cost of a Data Breach Report , for example, highlights the continuous financial burden on retailers, which, coupled with potential reputational damage, emphasizes the dire need for retailers to prioritize and bolster their cybersecurity measures. Behind every system, software, and security protocol stands a human being.

Retail

Retail Cybersecurity Financial Services Encryption

Automated governance and trustworthy AI

IBM Big Data Hub

JUNE 7, 2022

The announcement highlighted the crucial role of training data, and the terrible consequences of using data that “fails to represent American society.”. As an example, a large financial services firm could easily deploy hundreds or thousands of AI models to assist decision makers in various tasks.

Government

Government Financial Services Compliance Cloud

How to responsibly scale business-ready generative AI

IBM Big Data Hub

JUNE 26, 2023

Possibilities are growing that include assisting in writing articles, essays or emails; accessing summarized research; generating and brainstorming ideas; dynamic search with personalized recommendations for retail and travel; and explaining complicated topics for education and training. What can you do now to scale generative AI responsibly?

Retail

Retail Compliance Risk Education

Tackling Data Sovereignty with DDR

Security Affairs

JUNE 20, 2023

Various data sovereignty challenges arise for many businesses, such as cross-border data transfers, compliance with differing data protection laws, and protecting sensitive information from unauthorized access. Organizations adopting DDR should prioritize integrating these components within their cybersecurity infrastructure.

Compliance

Compliance Cybersecurity Risk Encryption

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. Finally, the regulation includes an annual certification of compliance, to be filed with NYDFS. Training and monitoring materials. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

This development model enables enterprises to conduct model training and processing directly at the edge or on-premises. By moving computation and model training to the edge, organizations can train their models locally without uploading datasets to hyperscalers or relying on foundational models.

Cybersecurity

Cybersecurity Blockchain Artificial Intelligence Encryption

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

Perhaps even more concerning to EU lawmakers is how dependent society at large is on banking and other financial services. In turn, financial institutions heavily depend on ICT to be able to provide those services to begin with. That really shouldn’t surprise us – these are lucrative targets for cyber criminals.

Risk

Risk Data breaches Authentication Financial Services

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

KnowBe4

FEBRUARY 14, 2023

This means you have a bunch of users that unwittingly follow a set of unusual and unnecessary clicks that they should know better than to follow – something they learn very quickly if they are enrolled in new-school security awareness training. Blog post with links: [link] Are Your Users Making Risky Security Mistakes? You're not alone.

Phishing

Phishing Security awareness Compliance Risk

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

3 The SEC and its staff followed the September 2017 statement with various cybersecurity-related initiatives and guidance, including January 27, 2020, cybersecurity guidance and observations published by the SEC’s Division of Examinations (formerly Office of Compliance Inspections and Examinations). 20, 2017). 27, 2020). 5 83 FR 8166 (Feb.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps

The Last Watchdog

MARCH 31, 2020

Over the years processes, training and tooling to account for data privacy and data integrity have been woven in, driven by data breach lawsuits and the rise of data handling regulations. Automating security-by-design There is one thing DevOps can’t get around: compliance with data handling rules and regulations. Enter DevOps.

Security

Security Privacy Financial Services Risk

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

What compliance requirements does the provider support? Train your staff. To prevent hackers from getting their hands on access credentials for cloud computing tools, organizations should train all workers on how to spot cybersecurity threats and how to respond to them. Double-check your compliance requirements.

Cloud

Cloud Security Encryption Risk

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

It should clearly define the problem that the AI model solves, the data used to train the model, the desired outcomes, and the personas involved. If you’re in financial services, maybe you’re considering how to incorporate AI into fraud detection, or personalized customer service, denial explanations or financial reporting.

Government

Government Risk Financial Services Compliance

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

Likewise, the New York State Department for Financial Services regulations requires relevant entities to have appropriate record retention policies and procedures. A policy or standard needs to be set, which is then explained by training and is measured. In the U.S., How do you build an effective information governance program?

Privacy

Privacy Compliance Personal data Risk

From principles to actions: building a holistic approach to AI governance

IBM Big Data Hub

SEPTEMBER 27, 2022

Whether it be financial services, employee hiring, customer service management or healthcare administration, AI is increasingly powering critical workflows across all industries. Add navigating complex compliance regulations and standards to the mix, and the need for a solid and trustworthy AI strategy becomes clear.

Government

Government Compliance Data science Financial Services

How Jamworks protects confidentiality while integrating AI advantages

IBM Big Data Hub

JANUARY 12, 2024

Cloud-hosted AI services demand the transfer of sensitive information to external servers, which can raise questions about data ownership, jurisdiction and control. The global nature of cloud providers introduces a complex web of compliance challenges as data protection laws differ across regions.

Cloud

Cloud Data Privacy Encryption Privacy

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

A formal vendor selection program that maintains records of vendors’ responses to the questions would further strengthen the program’s maturity and the plan sponsor’s ability to demonstrate compliance with the Cybersecurity Guidance. Obligations of Service Providers Responsible for Plan-Related IT Systems and Data.

Cybersecurity

Cybersecurity Insurance Risk Compliance

BIPA Year in Review: Where Are We Now and What’s Coming Next?

Data Protection Report

NOVEMBER 16, 2022

The big takeaway here is that even businesses that are not primarily engaged in financial services may still find themselves covered by GLBA and shielded from BIPA because “significantly [engaged] means something less than primary.” DePaul University , Case No. 21C3001 at 5 (N.D. Ill Nov 4, 2022).

Financial Services

Financial Services Privacy Compliance Insurance

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

IBM Big Data Hub

JANUARY 10, 2024

Some example use cases to highlight: Confidential AI: leverage trustworthy AI and while ensuring the integrity of the models and confidentiality of data Organizations leveraging AI models often encounter challenges related to the privacy and security of the data used for training and the integrity of the AI models themselves.

Security

Security Cloud Data Privacy Financial Services

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

Rather than doors, locks and vaults, IT departments rely on a combination of strategies, technologies, and user awareness training to protect an enterprise against cybersecurity attacks that can compromise systems, steal data and other valuable company information, and damage an enterprise’s reputation. Maintaining Regulatory Compliance.

Risk

Risk Cybersecurity Encryption Access

Transition period under New York Cybersecurity Regulation ends March 1, 2019

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective.

Cybersecurity

Cybersecurity Compliance Financial Services Risk

Remote Work Has Exposed Inefficiencies: What Do You Do About Them?

Rocket Software

FEBRUARY 25, 2022

A deep technical understanding isn’t required with the right solution, meaning business users can benefit from these tools without extensive training or continuous support from IT teams. Engaging automation can ensure around-the-clock compliance to protect against costly fines. Minimize Risk and Improve Resiliency.

Compliance

Compliance Financial Services Risk Insurance

New York Publishes FAQs and Key Dates for Cybersecurity Regulation

Hunton Privacy

APRIL 27, 2017

Earlier this month, the New York State Department of Financial Services (“NYDFS”) recently published FAQs and key dates for its cybersecurity regulation (the “NYDFS Regulation”) for financial institutions that became effective on March 1, 2017. September 27, 2017 – the initial 30-day period for filing Notices of Exemption ends.

Cybersecurity

Cybersecurity Compliance Financial Services Insurance

Defending Financial Services Against Fraud in a Shifting Cyber Landscape

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

Webinars

Trending Sources

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Webinars

Security Compliance & Data Privacy Regulations

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

NYDFS Amends Cybersecurity Rules for Financial Services Companies

The compliance challenges of hybrid working

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks

NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

$8 million penalty to NYDFS – and another case of over-retention

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

5 things to know: IBM Cloud’s mission to accelerate innovation for clients

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Vermont Enacts Insurance Data Security Law

The aftermath of an incident – business considerations surrounding record-keeping

Top 10 Governance, Risk and Compliance (GRC) Vendors

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Automated governance and trustworthy AI

How to responsibly scale business-ready generative AI

Tackling Data Sovereignty with DDR

NYDFS settles cybersecurity regulation matter for $3 million

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Risk Management under the DORA Regulation

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Top 12 Cloud Security Best Practices for 2021

AI Governance: Why our tested framework is essential in an AI world

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

From principles to actions: building a holistic approach to AI governance

How Jamworks protects confidentiality while integrating AI advantages

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

BIPA Year in Review: Where Are We Now and What’s Coming Next?

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

What is Cybersecurity Risk Management?

Transition period under New York Cybersecurity Regulation ends March 1, 2019

Remote Work Has Exposed Inefficiencies: What Do You Do About Them?

New York Publishes FAQs and Key Dates for Cybersecurity Regulation

Stay Connected