Course, Government, Information Security and Insurance

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The Act is designed to “establish standards for data security and for the investigation and notification to the Superintendent of Insurance of a cybersecurity event.”.

Insurance

Insurance Security Cybersecurity Data breaches

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

Of the businesses surveyed, those in the finance and insurance industries had the highest levels of awareness (79%), followed by information and communications (67%) and education (52%). Those who are already involved in data protection or who wish to enter the field might want to consider our specialised GDPR training courses.

GDPR

GDPR Government Education Compliance

How can organisations close the cyber security skills gap?

IT Governance

SEPTEMBER 15, 2021

A UK government report published last year found that 48% of organisations lacked the expertise to complete routine cyber security practices. The report also found that 30% of organisations had skills gaps in more advanced areas, such as penetration testing, forensic analysis and security architecture.

Security

Security Insurance Education Government

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

$10,000,000 civil penalty for disclosing personal data without consent

Data Protection Report

APRIL 30, 2024

The company also admitted “that it disclosed consumers’ sensitive PHI to entities that were not able to meet all legal requirements to protect consumers’ health information.” The complaint alleged that the company’s data handling practices also resulted in unauthorized disclosures of personal information.

Personal data

Personal data Privacy Information governance Compliance

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Information Governance Perspectives

MAY 10, 2020

In May of 2020 I was honored to speak at the MERv conference with John Frost of Box on the topic of Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance. Privacy makes data governance ethical and tangible, and compliance leaders understand that.

Compliance

Compliance Information governance Privacy Data Privacy

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

IT Governance

MARCH 1, 2023

IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses. We offer a variety of resources to help understand and mitigate threats, from training courses and consultancy services to free guides.

Data breaches

Data breaches Ransomware e-Delivery Government

5 things you need to know about CIR management

IT Governance

MAY 1, 2018

CIR management can help your organisation mitigate the risk of information security incidents and minimise losses. Incident response planning is mandated as part of all major cyber security regimes. How IT Governance can help you with your CIR management. What does cyber incident response (CIR) management do?

Risk

Risk Information Security IoT Insurance

Secure Together: Britons scammed out of £3.5 million and essential services under attack

IT Governance

MAY 20, 2020

Palo Alto Networks has discovered that healthcare agencies, governments, universities with medical centres, medical publishing firms and insurance companies across the UK, Australia, Canada, Italy and the US have been targeted by sophisticated scams. The post Secure Together: Britons scammed out of £3.5 Phishing scams.

Security

Security Phishing Insurance Risk

Catches of the Month: Phishing Scams for April 2023

IT Governance

APRIL 11, 2023

Commenting on the report, Cofense Vice President and Chief Information Security Officer Tonia Dudley highlighted the increase in cyber attacks conducted by nation states. You can help educate your staff with IT Governance’s Phishing Staff Awareness Training Programme.

Phishing

Phishing Passwords Ransomware Insurance

Where data meets IP – Derivative data in M&A transactions

Data Protection Report

JANUARY 19, 2022

Of course, it is critical to ensure the vendor actually has the right to sell or grant rights to the data in question. Data stored in certain countries may be accessible by government agencies under anti-terrorism legislation. Claims by third parties for breach of privacy or information security.

Compliance

Compliance Access Personal data Risk

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

DLA Piper Privacy Matters

JUNE 4, 2021

China is a leading marketing for connected and autonomous vehicles, and use and analytics of connected vehicle data has been encouraged by Chinese Government support of big data and AI technology. other data that may affect national security and public interests. outside of the vehicle; and.

Big data

Big data Compliance Personal data Insurance

Why ISO 27005 risk management is the key to achieving ISO 27001 certification

IT Governance

MAY 16, 2019

If you’re familiar with ISO 27001 , you’ll know that it’s the international standard for information security and contains the certification requirements that are expanded upon throughout the ISO 27000 series. Assessing these risks helps inform your decision about the best way to reduce risk to an acceptable level.

Risk

Risk Information Security Insurance Security

Colorado Amends Data Breach Notification Law and Enacts Data Security Requirements

Hunton Privacy

JUNE 14, 2018

Notice to the Attorney General is required even if the covered entity maintains its own procedures for security breaches as part of an information security policy or pursuant to state or federal law.

Data breaches

Data breaches Security Passwords Military

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

The GDPR considers personal data to be anything that identifies, or can be used to identify, a living person, such as your name, National Insurance number or email address (personal or work). Things get a little more complicated when you factor in that each piece of information doesn’t have to be taken on its own.

GDPR

GDPR Compliance Personal data Data breaches

ISO 27001 checklist: a step-by-step guide to implementation

IT Governance

APRIL 17, 2019

We’re not going to lie: implementing an ISO 27001 -compliant ISMS (information security management system) is hard work. The team will use their project mandate to create a more detailed outline of their information security objectives, plan and risk register. Assemble an ISO 27001 implementation team.

Risk

Risk Information Security Compliance Security

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

We have summarised the key compliance obligations under the PIPL below, with new obligations in bold for ease of reference: Relevant Laws/Regulations The PIPL becomes the primary, national-level law governing processing of personal information, but does not replace the existing data privacy framework.

Data Privacy

Data Privacy Privacy Compliance Analytics

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses.

Data breaches

Data breaches Insurance Personal data Ransomware

The Top 5 Reasons to Use an API Management Platform

Security Affairs

NOVEMBER 20, 2023

Organizations need to govern and control the API ecosystem, this governance is the role of API management. organizations need to govern and control the API ecosystem. This governance is the role of API management. He holds (ISC)2’s SSCP along with CompTIA’s Pentest+ and Security+ certifications, a B.S.

Authentication

Authentication Risk Government Compliance

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

IT security policies : Establish benchmarks, goals, and standards that can be used for measuring successful implementation of security controls. Governance, risk, and compliance (GRC) management: Aligns security goals with business goals and regulatory requirements that apply to the data or the organization.

Security

Security Cloud Cybersecurity Risk

Weekly podcast: Supermicro, federal data privacy law and Morrisons

IT Governance

OCTOBER 25, 2018

Hello and welcome to the IT Governance podcast for Friday, 26 October. Well, it still stands by its claims that the Chinese People’s Liberation Army implanted malicious microchips on server motherboards used by the like of Apple, Amazon and the US government. Here are this week’s stories.

Data Privacy

Data Privacy Privacy Data breaches GDPR

Information Management Today

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Government survey reveals GDPR awareness is falling short

Webinars

Trending Sources

How can organisations close the cyber security skills gap?

Webinars

$10,000,000 civil penalty for disclosing personal data without consent

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

List of Data Breaches and Cyber Attacks in February 2023 – 29.5 Million Records Breached

5 things you need to know about CIR management

Secure Together: Britons scammed out of £3.5 million and essential services under attack

Catches of the Month: Phishing Scams for April 2023

Where data meets IP – Derivative data in M&A transactions

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

Why ISO 27005 risk management is the key to achieving ISO 27001 certification

Colorado Amends Data Breach Notification Law and Enacts Data Security Requirements

Wake up to the reality of the GDPR: What you need to know about compliance

ISO 27001 checklist: a step-by-step guide to implementation

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

List of Data Breaches and Cyber Attacks in 2023

The Top 5 Reasons to Use an API Management Platform

Network Security Architecture: Best Practices & Tools

Weekly podcast: Supermicro, federal data privacy law and Morrisons

Stay Connected