HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Data Matters

APRIL 20, 2021

There just may be a new cybersecurity regulator in town. Department of Labor (DOL) published its first cybersecurity guidance last week ( Cybersecurity Guidance ). The Cybersecurity Guidance is set forth in three parts: Tips for Hiring a Service Provider , directed toward plan sponsors and fiduciaries.

Cybersecurity 68

Cybersecurity Insurance Risk Compliance 68

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 CEOs who say that cybersecurity is the biggest threat to short-term growth have doubled in the past year. The average cost of a breach is $3.6

Ransomware 141

Ransomware Cybersecurity Phishing Encryption 141

eSecurity Planet

AUGUST 9, 2022

are subject to laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), as well as regulations such as the Clinical Laboratory Improvements Amendments (CLIA). See the Best Cybersecurity Awareness Training for Employees.

Data Privacy 142

Data Privacy Compliance Privacy Security 142

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Periodic risk-based assessments of third parties. Upcoming certifications.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

Hunton Privacy

APRIL 27, 2017

Earlier this month, the New York State Department of Financial Services (“NYDFS”) recently published FAQs and key dates for its cybersecurity regulation (the “NYDFS Regulation”) for financial institutions that became effective on March 1, 2017. September 3, 2018 – the eighteen month transitional period ends.

Cybersecurity 53

Cybersecurity Compliance Financial Services Insurance 53

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Customer data, which was encrypted, was reported to be unaffected.

Data Privacy 85

Data Privacy Privacy Security Data breaches 85

Data Protection Report

FEBRUARY 8, 2022

When you enter personal information on our Site, we encrypt transmissions involving such information using secure protocols.” On January 24, 2022, the New York Attorney General (AG) announced a settlement with vision-benefits-provider EyeMed Vision Care, Inc., In total, information for approximately 2.1 SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

Hunton Privacy

FEBRUARY 6, 2015

On February 3, 2015, the Securities and Exchange Commission (“SEC”) released a Risk Alert , entitled Cybersecurity Examination Sweep Summary, summarizing observations from the recent round of cybersecurity examinations of registered broker-dealers and investment advisers under the Cybersecurity Examination Initiative.

Cybersecurity 40

Cybersecurity Insurance Financial Services Risk 40

DLA Piper Privacy Matters

APRIL 2, 2020

Working remotely, or “teleworking,” presents unique cybersecurity challenges to the employer, the employee and the supply chain, especially when being done for the first time in a rapidly changing environment. It is important to note, though, that cybersecurity regulation is generally sector-specific.

Cybersecurity 52

Cybersecurity Phishing Authentication Access 52

Adam Levin

NOVEMBER 30, 2018

Regis, Westin, Sheraton, W Hotels or anywhere else that operates on Marriot’s Starwood guest reservation database, it’s time to redouble your cybersecurity and privacy efforts, because this compromise is one of biggest we’ve seen—dwarfed only by the Yahoo breach that affected 2 billion users. Manage the damage.

Financial Services 66

Financial Services Encryption Passwords Communications 66

Data Matters

MARCH 12, 2019

Of particular note, the Safeguards Rule NPRM proposes to align the FTC’s requirements with those of the New York Department of Financial Services (“NYDFS”), as found in its cybersecurity regulations, and the National Association of Insurance Commissioners (“NAIC”), as found in its insurance data security model law.

Privacy 68

Privacy IT Information Security Insurance 68

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!!

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Data Matters

OCTOBER 8, 2020

Ransomware attacks use malware, often injected through phishing schemes, to encrypt a victim’s data files or programs, followed by a ransom demand by the threat actor that offers the decryption key in exchange for payment. Payment is often demanded in bitcoin, and thus third-party services are often used to make such payments.

Ransomware 68

Ransomware Compliance Risk Government 68

DLA Piper Privacy Matters

JULY 30, 2019

From the bad guy’s perspective, why hack one organization directly when you can hit a service provider with potentially weaker defenses and the sensitive data of many organizations? Do “reasonable” cybersecurity controls extend to third parties? What’s the fallout from a service provider breach?

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

Adam Levin

NOVEMBER 17, 2020

VPNs encrypt data , making it much harder to intercept when transmitted through a shared or suspect internet connection. SSLs ensure all data is encrypted. A green or gray padlock icon in your browser’s address bar also indicates that information, like credit card numbers, is encrypted when transmitted. Look for the lock.

Retail 97

Retail e-Delivery Passwords Phishing 97

HL Chronicle of Data Protection

MARCH 14, 2019

The proposed Rule will also require multi-factor authentication for any individual accessing customer information, but, unlike the NYDFS which imposed a similar requirement in the Cybersecurity Regulation, the FTC declined to endorse text messages as a permitted second factor. Specific information security measures.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

DLA Piper Privacy Matters

AUGUST 23, 2021

Security and Confidentiality Personal information must be kept confidential, and security measures must be deployed, as prescribed by the Cybersecurity Law and the Data Security Law and their underlying measures, guidelines and technical standards.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. IT risk & cybersecurity management. Insurance & claims management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. LogicManager.

Compliance 67

Compliance Risk Government Retail 67

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. IT risk & cybersecurity management. Insurance & claims management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. LogicManager.

Compliance 57

Compliance Risk Government Retail 57

Data Matters

NOVEMBER 22, 2021

Further, bank service providers are now required to promptly notify all affected banks whenever a cybersecurity disruption lasts for four or more hours. The rule is the latest regulation requiring entities who have suffered a cybersecurity incident to promptly notify a government agency. The Board subjects all U.S.

Cybersecurity 117

Cybersecurity Insurance Financial Services Marketing 117

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Adopting the NIST Cybersecurity Framework.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

IT Governance

MARCH 11, 2024

Glosbe dictionary exposes almost 7 million records The multilingual online dictionary Glosbe left a MongoDB instance unsecured last year, exposing nearly 7 million users’ information, including personal data, encrypted passwords and social media identifiers. Glosbe did not reply, but the open instance was soon closed.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 16, 2024

GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St. Source (New) Real estate USA Yes 10 GB Unitex Source (New) Manufacturing USA Yes 9.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

eSecurity Planet

OCTOBER 5, 2021

A token acts as an electronic cryptographic key that unlocks the device or application, usually with an encrypted password or biometric data. Banking, financial services, and insurance industries constitute the largest share of adopters, with North America leading adoption, according to Orbis Research.

Authentication 99

Authentication Passwords Access Computer and Electronics 99

eSecurity Planet

AUGUST 13, 2021

With their Digital Intelligence Investigative Platform, Cellebrite boasts services that unify the investigative lifecycle and preserve digital evidence. Be it advanced locks, encryption barriers, or deleted and unknown content, the UFED (Universal Forensic Extraction Device) can extract physical and logical data. Paraben Corporation.

e-Discovery 137

e-Discovery Computer and Electronics Marketing Compliance 137

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. Investors recognize the potential too, as funding for cybersecurity ventures more than doubled from previous years to almost $22 billion in 2021. Series B SECURITI.ai

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

eSecurity Planet

MAY 11, 2023

The only exception, it seems, has been cloud service providers, who boast an enviable record when it comes to cybersecurity, thanks to rigorous security practices like Google’s continuous patching. I am very surprised that the cyber insurance industry has not required zero trust architecture already, but perhaps the $1.4

Cloud 97

Cloud IT Insurance Authentication 97

Thales Cloud Protection & Licensing

DECEMBER 23, 2019

Banking, financial services, media, insurance, and e-commerce companies have the lead in transformational initiatives in India. Using methods like encryption, tokenization, and masking within their own environments will ensure protection when data moves between SaaS applications or migrates to other applications.

Digital transformation 15

Digital transformation Cloud Encryption Data Privacy 15

Hunton Privacy

MARCH 8, 2019

The proposed changes would add more detailed requirements on how financial institutions must protect customer information. The proposed changes would add more detailed requirements on how financial institutions must protect customer information.

Privacy 55

Privacy Insurance Financial Services Encryption 55