Expert insights. Personalized for you.
The Regulation and the Act both contain prescriptive cybersecurity requirements and new breach notification obligations for regulated organizations. In May 2019, NYDFS announced the creation of a Cybersecurity Division to enforce the Regulation. MORE
Breach cybersecurity investment data breach financial services GDPR italy unicreditUniCredit was also hit with hacking incidents in September-October 2016 and June-July 2017. MORE
Eighty-nine percent of regulated industry companies felt willing and able to invest in security solutions, although those in the financial services sector are not quite as ready to invest as companies in other markets.” MORE
Please tune in for an in-depth podcast discussion of cybersecurity and the False Claims Act, featuring Mike Vernick and Mike Scheimer. February 26 : FCA Enforcement in the Financial Services Sector. Cybersecurity & Data Breaches cybersecurity False Claims Act podcast MORE
On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (Cybersecurity Regulation or Regulation). The NYDFS Cybersecurity Regulation. MORE
In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. MORE
There just may be a new cybersecurity regulator in town. Department of Labor (DOL) published its first cybersecurity guidance last week ( Cybersecurity Guidance ). The Cybersecurity Guidance is directed at plan sponsors and fiduciaries regulated by the Employee Retirement Income Security Act of 1974 (ERISA) as well as plan participants and beneficiaries. Plan sponsors and fiduciaries should carefully review the full list of Tips for Hiring a Service Provider. MORE
A survey by Vuealta found that fiancial services leaders are far more concerned about compliance and cybersecurity than the financial services startups they are in competition with. Financial Services News financial services fintech fintech startupsThis may be a mistake. Read more here. MORE
The first step any financial institution must take in its response to the laws is to evaluate its exposure and current capabilities in protecting sensitive business and customer data. Firms should identify the gaps in their cybersecurity program, including areas that need immediate action and longer-term changes to support the program. Implement: Technical services are required to create/ update cybersecurity policies and procedures. MORE
On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. MORE
On March 3, 2021, the New York Department of Financial Services (NYDFS) announced a Consent Order with a NYDFS-licensed Maine-based mortgage banker and loan servicer settling alleged violations of the NYDFS cybersecurity regulations. ( Cybersecurity cybersecurity NYDFS MORE
Financial services are highly regulated and maintain a strong focus on compliance and risk management. Considering that major financial organizations handle enormous amounts of data today, they require data accuracy and integrity at all times to minimize risks. MORE
On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. This resolution highlights the SEC’s continued focus on cybersecurity. The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. MORE
In my post today I want to discuss data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. The New York State Department of Financial Services (NYDFS) 23 NYCRR 500 is a set of regulations that place cybersecurity requirements on all covered financial institutions. Service providers. There are few exemptions to the NYDFS cybersecurity regulation. MORE
On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Lacewell stated that cybersecurity is the biggest risk for government and private organizations and described how the Framework is based on “extensive dialogue with industry and experts.”. Authorized property/casualty insurers should use a data-driven and comprehensive plan to assess gaps and vulnerabilities in the cybersecurity of their insureds and potential insureds. MORE
In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. The entering into effect of multiple state laws in this area may present challenges for insurance providers operating in states where such cybersecurity requirements are provided for. MORE
Imperva's Terry Ray on Application Security Imperatives in the Cloud Age Banks and other financial services sector organizations need to pay more attention to their security infrastructure and defenses and apply application security safeguards to monitor all of their data - as well as individual files, says Terry Ray, CTO of Imperva MORE
Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Benefits for Financial Services. Depending on what industry you’re in, your approach to security may be very different. MORE
Financial services companies' experience in risk management serves them well when it comes to minimizing their cyber-risk MORE
On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017. follow the recommendations of First American’s internal cybersecurity team to conduct further investigation into the vulnerability. MORE
In recent years, there has been a massive increase in the volume of data maintained and processed by payment service providers. Regulators and policymakers on both sides of the Atlantic are imposing increasingly prescriptive cybersecurity regulatory frameworks and closer scrutiny upon companies, while new and escalating cybersecurity threats challenge standard safeguards. Partner, Privacy and Cybersecurity Practice, Washington, D.C. MORE
Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic. MORE
According to a report entitled The 2018 Global DNS Threat Report by EfficientIP, the financial services industry is the worst affected sector by domain name systems (DNS) attacks which are cyber attacks where attackers take advantage of network vulnerabilities to break into bank systems stealthily. According to the report, last year, a single financial sector attack cost each organization $588,200 to recover. MORE
On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. MORE
Company Could Be Fined $1,000 for Each Violation of State Cybersecurity Law The New York State Department of Financial Services has filed civil charges against First American Title Insurance Co., MORE
Previously, I discussed data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. All covered entities must adopt a cybersecurity program that meets the following minimum requirements based on the covered entity’s risk assessment. Cybersecurity Program: Maintain a cybersecurity program designed to protect the confidentiality, integrity, and availability of the information systems. MORE
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. First American Financial Corp. Data Breaches The Coming Storm First American Financial Corp. New York State Department of Financial Services Reuters MORE
February 15, 2018, is quickly approaching and any entity subject to New York’s cybersecurity regulation (23 NYCRR Part 500) must file its first annual certification of compliance with the New York State Department of Financial Services (DFS) by that date. Regulatory response cybersecurity certification cybersecurity regulation Department of Financial Services DFS New York MORE
Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. 3) Regulators are worried about cybersecurity and the robustness of technology systems in general. MORE
On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic. MORE
In this week’s podcast, we speak with Congressman Jim Himes (D-CT) about Congress’s sudden focus on cybersecurity - an about face that Rep. Himes on Congress’s About-face on Cybersecurity appeared first on The Security Ledger with Paul F. DHS announces New Cybersecurity Strategy. MORE
It’s estimated that the financial services sector could see as much as $6 trillion in cybercrime damages in 2021. In fact, research shows that financial services firms are over 300 times more … The post Could digital fax be a secret weapon for cybersecurity in financial services? MORE
On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018. DFS’s goal is to prevent cybersecurity attacks, and we therefore will now include cybersecurity in all DFS examinations to ensure that proper cybersecurity governance is being practiced by our regulated entities. MORE
New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach MORE
As we previously reported , NYDFS issued guidance regarding cybersecurity during the pandemic in April 2020. Cybersecurity Financial Privacy U.S. State Law Consumer Protection Cyber Attack Internet New York Personal Information Service Provider MORE
The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny. History of Financial System. financial system continues to evolve in response to changing regulations. Financial Services Industry Overview. MORE
Financial Services Organizations Need to Adapt their Security Practices to the Shifting Environment. Even “traditional banks” seek to drive more revenue from digital products, personalized services and experiences. MORE
Embracing new ways of working in financial services. In times of crisis, the preservation of key functions and services is critical, regardless of industry. Customer service. In a crisis like this, the financial welfare of many customers is seriously threatened. MORE
New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. MORE
Securities and Exchange Commission (“SEC”) announced that it had settled three administrative cases involving a total of eight registered broker-dealers and investment advisers for failures in their cybersecurity policies and procedures. Cybersecurity Enforcement U.S. MORE
OpenText Information Management
APRIL 19, 2021
It’s estimated that the financial services sector could see as much as $6 trillion in cybercrime damages in 2021. In fact, research shows that financial services firms are over 300 times more … The post Could digital fax be a secret weapon for cybersecurity in financial services?
Dark Reading
DECEMBER 8, 2020
Financial services companies' experience in risk management serves them well when it comes to minimizing their cyber-risk
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
HL Chronicle of Data Protection
APRIL 17, 2020
Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic.
Collibra
JULY 21, 2021
Financial services are highly regulated and maintain a strong focus on compliance and risk management. Considering that major financial organizations handle enormous amounts of data today, they require data accuracy and integrity at all times to minimize risks.
ARMA International
NOVEMBER 7, 2019
The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny. History of Financial System. financial system continues to evolve in response to changing regulations. Financial Services Industry Overview.
InfoGoTo
OCTOBER 25, 2018
According to a report entitled The 2018 Global DNS Threat Report by EfficientIP, the financial services industry is the worst affected sector by domain name systems (DNS) attacks which are cyber attacks where attackers take advantage of network vulnerabilities to break into bank systems stealthily. According to the report, last year, a single financial sector attack cost each organization $588,200 to recover.
Data Matters
AUGUST 19, 2020
On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (Cybersecurity Regulation or Regulation). The NYDFS Cybersecurity Regulation.
Perficient
JUNE 4, 2019
In my post today I want to discuss data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. The New York State Department of Financial Services (NYDFS) 23 NYCRR 500 is a set of regulations that place cybersecurity requirements on all covered financial institutions. Service providers. There are few exemptions to the NYDFS cybersecurity regulation.
Data Matters
FEBRUARY 10, 2021
On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Lacewell stated that cybersecurity is the biggest risk for government and private organizations and described how the Framework is based on “extensive dialogue with industry and experts.”. Authorized property/casualty insurers should use a data-driven and comprehensive plan to assess gaps and vulnerabilities in the cybersecurity of their insureds and potential insureds.
Hunton Privacy
FEBRUARY 22, 2021
As we previously reported , NYDFS issued guidance regarding cybersecurity during the pandemic in April 2020. Cybersecurity Financial Privacy U.S. State Law Consumer Protection Cyber Attack Internet New York Personal Information Service Provider
InfoGoTo
MARCH 7, 2019
A survey by Vuealta found that fiancial services leaders are far more concerned about compliance and cybersecurity than the financial services startups they are in competition with. Financial Services News financial services fintech fintech startupsThis may be a mistake. Read more here.
|
Hunton Privacy
APRIL 22, 2020
On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.
Thales Cloud Protection & Licensing
NOVEMBER 4, 2020
Financial Services Organizations Need to Adapt their Security Practices to the Shifting Environment. Even “traditional banks” seek to drive more revenue from digital products, personalized services and experiences.
Perficient
JULY 16, 2019
The first step any financial institution must take in its response to the laws is to evaluate its exposure and current capabilities in protecting sensitive business and customer data. Firms should identify the gaps in their cybersecurity program, including areas that need immediate action and longer-term changes to support the program. Implement: Technical services are required to create/ update cybersecurity policies and procedures.
Krebs on Security
JUNE 18, 2021
In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years.
Hunton Privacy
JANUARY 24, 2018
On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018. DFS’s goal is to prevent cybersecurity attacks, and we therefore will now include cybersecurity in all DFS examinations to ensure that proper cybersecurity governance is being practiced by our regulated entities.
HL Chronicle of Data Protection
FEBRUARY 25, 2020
The Regulation and the Act both contain prescriptive cybersecurity requirements and new breach notification obligations for regulated organizations. In May 2019, NYDFS announced the creation of a Cybersecurity Division to enforce the Regulation.
Krebs on Security
JULY 23, 2020
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. First American Financial Corp. Data Breaches The Coming Storm First American Financial Corp. New York State Department of Financial Services Reuters
Krebs on Security
MAY 31, 2019
New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful.
Threatpost
OCTOBER 28, 2019
Breach cybersecurity investment data breach financial services GDPR italy unicreditUniCredit was also hit with hacking incidents in September-October 2016 and June-July 2017.
Rocket Software
AUGUST 17, 2020
Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Benefits for Financial Services. Depending on what industry you’re in, your approach to security may be very different.
Data Protection Report
MARCH 1, 2021
On March 3, 2021, the New York Department of Financial Services (NYDFS) announced a Consent Order with a NYDFS-licensed Maine-based mortgage banker and loan servicer settling alleged violations of the NYDFS cybersecurity regulations. ( Cybersecurity cybersecurity NYDFS
Security Affairs
APRIL 5, 2021
Eighty-nine percent of regulated industry companies felt willing and able to invest in security solutions, although those in the financial services sector are not quite as ready to invest as companies in other markets.”
Hunton Privacy
SEPTEMBER 1, 2021
Securities and Exchange Commission (“SEC”) announced that it had settled three administrative cases involving a total of eight registered broker-dealers and investment advisers for failures in their cybersecurity policies and procedures. Cybersecurity Enforcement U.S.
Perficient
JUNE 18, 2019
Previously, I discussed data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. All covered entities must adopt a cybersecurity program that meets the following minimum requirements based on the covered entity’s risk assessment. Cybersecurity Program: Maintain a cybersecurity program designed to protect the confidentiality, integrity, and availability of the information systems.
Data Breach Today
MAY 1, 2018
Imperva's Terry Ray on Application Security Imperatives in the Cloud Age Banks and other financial services sector organizations need to pay more attention to their security infrastructure and defenses and apply application security safeguards to monitor all of their data - as well as individual files, says Terry Ray, CTO of Imperva
Data Protection Report
FEBRUARY 8, 2018
February 15, 2018, is quickly approaching and any entity subject to New York’s cybersecurity regulation (23 NYCRR Part 500) must file its first annual certification of compliance with the New York State Department of Financial Services (DFS) by that date. Regulatory response cybersecurity certification cybersecurity regulation Department of Financial Services DFS New York
Data Protection Report
JUNE 2, 2021
On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019.
HL Chronicle of Data Protection
MAY 13, 2019
In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. The entering into effect of multiple state laws in this area may present challenges for insurance providers operating in states where such cybersecurity requirements are provided for.
Data Protection Report
APRIL 22, 2021
On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020.
Data Matters
JUNE 24, 2021
On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. This resolution highlights the SEC’s continued focus on cybersecurity. The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021.
Dark Reading
OCTOBER 15, 2020
New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach
Collibra
FEBRUARY 11, 2020
Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. 3) Regulators are worried about cybersecurity and the robustness of technology systems in general.
HL Chronicle of Data Protection
FEBRUARY 24, 2020
Please tune in for an in-depth podcast discussion of cybersecurity and the False Claims Act, featuring Mike Vernick and Mike Scheimer. February 26 : FCA Enforcement in the Financial Services Sector. Cybersecurity & Data Breaches cybersecurity False Claims Act podcast
Data Breach Today
JULY 23, 2020
Company Could Be Fined $1,000 for Each Violation of State Cybersecurity Law The New York State Department of Financial Services has filed civil charges against First American Title Insurance Co.,
Data Matters
APRIL 20, 2021
There just may be a new cybersecurity regulator in town. Department of Labor (DOL) published its first cybersecurity guidance last week ( Cybersecurity Guidance ). The Cybersecurity Guidance is directed at plan sponsors and fiduciaries regulated by the Employee Retirement Income Security Act of 1974 (ERISA) as well as plan participants and beneficiaries. Plan sponsors and fiduciaries should carefully review the full list of Tips for Hiring a Service Provider.
Hunton Privacy
JULY 24, 2020
On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017. follow the recommendations of First American’s internal cybersecurity team to conduct further investigation into the vulnerability.
The Security Ledger
AUGUST 12, 2021
In this week’s podcast, we speak with Congressman Jim Himes (D-CT) about Congress’s sudden focus on cybersecurity - an about face that Rep. Himes on Congress’s About-face on Cybersecurity appeared first on The Security Ledger with Paul F. DHS announces New Cybersecurity Strategy.
Data Matters
JULY 17, 2020
In recent years, there has been a massive increase in the volume of data maintained and processed by payment service providers. Regulators and policymakers on both sides of the Atlantic are imposing increasingly prescriptive cybersecurity regulatory frameworks and closer scrutiny upon companies, while new and escalating cybersecurity threats challenge standard safeguards. Partner, Privacy and Cybersecurity Practice, Washington, D.C.
86 
Let's personalize your content