Dark Reading

DECEMBER 8, 2020

Financial services companies' experience in risk management serves them well when it comes to minimizing their cyber-risk

Financial Services 64

Financial Services Risk Compliance Cybersecurity 64

Perficient Data & Analytics

JUNE 4, 2019

In my post today I want to discuss data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. The New York State Department of Financial Services (NYDFS) 23 NYCRR 500 is a set of regulations that place cybersecurity requirements on all covered financial institutions. Service providers. There are few exemptions to the NYDFS cybersecurity regulation.

Financial Services 42

Financial Services Data Privacy Cybersecurity Insurance 42

ARMA International

NOVEMBER 7, 2019

The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny. History of Financial System. financial system continues to evolve in response to changing regulations. Financial Services Industry Overview.

Financial Services 55

Financial Services Communications Risk Customer Experience 55

HL Chronicle of Data Protection

APRIL 17, 2020

Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic. The guidance highlights the heightened cybersecurity risks from the current crisis and NYDFS’ expectations that its regulated entities address those risks as large portions of their workforce have shifted to remote working arrangements.

Financial Services 52

Financial Services MDM Authentication Risk 52

Perficient Data & Analytics

JULY 16, 2019

The first step any financial institution must take in its response to the laws is to evaluate its exposure and current capabilities in protecting sensitive business and customer data. Firms should identify the gaps in their cybersecurity program, including areas that need immediate action and longer-term changes to support the program. Implement: Technical services are required to create/ update cybersecurity policies and procedures.

Financial Services 43

Financial Services GDPR Cybersecurity Data breaches 43

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (Cybersecurity Regulation or Regulation). The NYDFS Cybersecurity Regulation.

Financial Services 65

Financial Services Insurance Risk Encryption 65

CGI

APRIL 17, 2020

Embracing new ways of working in financial services. In times of crisis, the preservation of key functions and services is critical, regardless of industry. Financial services is no exception, as payments, lending, and trade are the lifeblood of the global economy, even in challenging times. As a result, banks face the challenge of addressing impacted functions such as customer service calls, loan servicing, and even account opening.

Financial Services 59

Financial Services Artificial Intelligence Computer and Electronics Cybersecurity 59

InfoGoTo

MARCH 7, 2019

A survey by Vuealta found that fiancial services leaders are far more concerned about compliance and cybersecurity than the financial services startups they are in competition with. Financial Services News financial services fintech fintech startupsThis may be a mistake. Read more here.

Financial Services 40

Financial Services Cybersecurity Compliance 40

Hunton Privacy

APRIL 22, 2020

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

Financial Services 53

Financial Services Risk Phishing Authentication 53

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018. DFS’s goal is to prevent cybersecurity attacks, and we therefore will now include cybersecurity in all DFS examinations to ensure that proper cybersecurity governance is being practiced by our regulated entities.

Financial Services 53

Financial Services Insurance Marketing Cybersecurity 53

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. First American Financial Corp. Data Breaches The Coming Storm First American Financial Corp. New York State Department of Financial Services Reuters

Financial Services 187

Financial Services Insurance Mining Access 187

HL Chronicle of Data Protection

FEBRUARY 25, 2020

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act). The Regulation and the Act both contain prescriptive cybersecurity requirements and new breach notification obligations for regulated organizations.

Cybersecurity 66

Cybersecurity Insurance Authentication Encryption 66

Krebs on Security

MAY 31, 2019

New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful.

Financial Services 157

Financial Services Insurance Sales Authentication 157

Threatpost

OCTOBER 28, 2019

Breach cybersecurity investment data breach financial services GDPR italy unicreditUniCredit was also hit with hacking incidents in September-October 2016 and June-July 2017.

Cybersecurity 45

Cybersecurity Financial Services GDPR Data breaches 45

Perficient Data & Analytics

JUNE 18, 2019

Previously, I discussed data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. All covered entities must adopt a cybersecurity program that meets the following minimum requirements based on the covered entity’s risk assessment. Cybersecurity Program: Maintain a cybersecurity program designed to protect the confidentiality, integrity, and availability of the information systems.

Cybersecurity 43

Cybersecurity Financial Services Authentication Access 43

Rocket Software

AUGUST 17, 2020

Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Benefits for Financial Services. Depending on what industry you’re in, your approach to security may be very different.

Authentication 52

Authentication Passwords Insurance Phishing 52

Data Breach Today

MAY 1, 2018

Imperva's Terry Ray on Application Security Imperatives in the Cloud Age Banks and other financial services sector organizations need to pay more attention to their security infrastructure and defenses and apply application security safeguards to monitor all of their data - as well as individual files, says Terry Ray, CTO of Imperva

Cybersecurity 100

Cybersecurity Financial Services Cloud Security 100

Dark Reading

OCTOBER 15, 2020

New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach

Financial Services 101

Financial Services Cybersecurity Security 101

Data Protection Report

FEBRUARY 8, 2018

February 15, 2018, is quickly approaching and any entity subject to New York’s cybersecurity regulation (23 NYCRR Part 500) must file its first annual certification of compliance with the New York State Department of Financial Services (DFS) by that date. Regulatory response cybersecurity certification cybersecurity regulation Department of Financial Services DFS New York

Compliance 40

Compliance Insurance Cybersecurity Authentication 40

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. The entering into effect of multiple state laws in this area may present challenges for insurance providers operating in states where such cybersecurity requirements are provided for.

Insurance 40

Insurance Cybersecurity Compliance Risk 40

Hunton Privacy

JULY 24, 2020

On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017. follow the recommendations of First American’s internal cybersecurity team to conduct further investigation into the vulnerability.

Cybersecurity 62

Cybersecurity Risk Insurance Financial Services 62

Data Breach Today

JULY 23, 2020

Company Could Be Fined $1,000 for Each Violation of State Cybersecurity Law The New York State Department of Financial Services has filed civil charges against First American Title Insurance Co.,

Insurance 196

Insurance Financial Services Cybersecurity Personal data 196

Data Matters

JULY 17, 2020

In recent years, there has been a massive increase in the volume of data maintained and processed by payment service providers. Regulators and policymakers on both sides of the Atlantic are imposing increasingly prescriptive cybersecurity regulatory frameworks and closer scrutiny upon companies, while new and escalating cybersecurity threats challenge standard safeguards. Partner, Privacy and Cybersecurity Practice, Washington, D.C.

Financial Services 65

Financial Services Cybersecurity Risk GDPR 65

HL Chronicle of Data Protection

FEBRUARY 24, 2020

Please tune in for an in-depth podcast discussion of cybersecurity and the False Claims Act, featuring Mike Vernick and Mike Scheimer. February 26 : FCA Enforcement in the Financial Services Sector. Cybersecurity & Data Breaches cybersecurity False Claims Act podcastMike Vernick. Michael Scheimer. March 4 : Looking ahead. In case you missed our previous episodes: January 29 : The FCA at the Supreme Court. February 5 : AseraCare Decision.

Financial Services 43

Financial Services Access Cybersecurity Data breaches 43

Data Breach Today

SEPTEMBER 4, 2019

Ted Augustinos of Locke Lord LLP Addresses the Challenges Defining the scope of third-party risk is challenging, says Ted Augustinos of Locke Lord LLP, who discusses compliance with the New York Department of Financial Services' cybersecurity regulation

Compliance 125

Compliance Financial Services Risk Cybersecurity 125

Collibra

FEBRUARY 11, 2020

Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. They are creating a layer of rules about third party risk, operational resilience, and cybersecurity that go above and beyond new data privacy laws such as the EU’s GDPR and California’s CCPA in their impact. 3) Regulators are worried about cybersecurity and the robustness of technology systems in general.

Digital transformation 43

Digital transformation Personal data Compliance Cybersecurity 43

Data Matters

AUGUST 5, 2019

Together, the new laws require the implementation of reasonable data security safeguards, expand breach reporting obligations for certain types of information, and require that a “consumer credit reporting agency” that suffers a data breach provide five years of identity theft prevention services for impacted residents. The Identity Theft Prevention and Mitigation Services Act. More State Privacy and Cybersecurity Legal Developments on the Horizon.

Cybersecurity 65

Cybersecurity Privacy Risk Insurance 65

Perficient Data & Analytics

MAY 22, 2018

Make sure you use two-factor authentication for all services that offer them. Never re-use passwords across services. Keep your knowledge up-to-date by paying attention to cybersecurity awareness programs. Microsoft Word has long offered support for loading images and templates over the network. This is a great feature within corporate environments because it facilitates the reuse of assets like logos and corporate document templates.

Passwords 40

Passwords Authentication Customer Experience Financial Services 40

Thales eSecurity

NOVEMBER 27, 2018

The cybersecurity regulation ( 23 NYCRR 500 ) adopted by the New York State Department of Financial Services (NYDFS) is nearly two years old. Even though these regulations only apply to New York, financial institutions across the U.S. In September financial services companies faced the largest set of regulations in the process thus far.

Financial Services 58

Financial Services Encryption Cybersecurity Authentication 58

InfoGoTo

JULY 22, 2019

Retail banks in the United States face a whole host of challenges including customer confidence, regulatory compliance, attracting new customers, cybersecurity, utilizing big data and mastering social media, to name a few. According to an article by The Financial Brand , retail banks’ top priorities include: using big data, AI and advanced analytics. Financial Services artificial intelligence banking banks Retail banks

Retail 40

Retail Big data Analytics Paper 40

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. A Pivot Toward Asia for Privacy and Cybersecurity Laws. SEC on Cybersecurity and Rise of Shareholder Breach Litigation.

Cybersecurity 65

Cybersecurity Privacy Healthcare Risk 65

HL Chronicle of Data Protection

JULY 15, 2019

Hogan Lovells announced today that Peter Marta , the former global head of Cybersecurity and Global Security and Investigations Legal for JPMorgan Chase and Co., has joined our Privacy and Cybersecurity practice as a partner. Pete is an established leader in the banking and financial services sectors. News & Events Hogan Lovells partner Privacy and Cybersecurity

Financial Services 40

Financial Services Government Risk Cybersecurity 40

Data Breach Today

NOVEMBER 2, 2018

Plus, updates on the indictments of Chinese agents for hacking and the unveiling of the Financial Services Sector Cybersecurity Profile The latest edition of the ISMG Security Report features Kevin McDonald of the Mayo Clinic discussing how to secure connected medical devices.

Financial Services 133

Financial Services Cybersecurity Security 133

HL Chronicle of Data Protection

OCTOBER 4, 2018

The New York State Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) came into effect March 1, 2017 (see our previous publications: “ New York Department of Financial Services Cybersecurity rules revised and delayed ,” “ The ‘Final Final’ Is Here: NYDFS Cybersecurity Regulations ,” and “ A guide to NYDFS Cybersecurity Regulation’s March 1 implementation deadline ”). Cybersecurity & Data Breaches

Encryption 57

Encryption Financial Services Cybersecurity Compliance 57

Hunton Privacy

JUNE 29, 2018

On June 25, 2018, the New York Department of Financial Services (“NYDFS”) issued a final regulation (the “Regulation”) requiring consumer reporting agencies with “significant operations” in New York to (1) register with NYDFS for the first time and (2) comply with the NYDFS’s cybersecurity regulation. The deadline for consumer reporting agencies to come into compliance with the cybersecurity regulation is November 1, 2018.

Financial Services 40

Financial Services Cybersecurity Compliance Privacy 40

Hunton Privacy

MARCH 23, 2018

On March 20, 2018, the Financial Stability Board (“FSB”) delivered a note to finance ministers and central bank governors from the world’s top 20 economic powers, known as the G-20. The FSB is developing the cyber lexicon to address cybersecurity and cyber resilience in the financial sector and hopes that it will boost cross-border cooperation on cybersecurity. Cybersecurity Financial Privacy

Insurance 46

Insurance Financial Services Communications Cybersecurity 46

HL Chronicle of Data Protection

MARCH 16, 2020

On Tuesday, 3 March 2020, we welcomed our financial services clients in London to a lively panel event, which covered the multitude of issues which arise in a cybersecurity incident. Over the past decade, cybersecurity has emerged as one of the most serious and challenging threats to businesses, with CEOs around the world naming it as the main worry that keeps them up at night. Peter Marta. Arwen Handley. Philip Parish. Nicola Fulford.

Insurance 43

Insurance Risk Financial Services GDPR 43

DLA Piper Privacy Matters

APRIL 2, 2020

Working remotely, or “teleworking,” presents unique cybersecurity challenges to the employer, the employee and the supply chain, especially when being done for the first time in a rapidly changing environment. We include some of the cybersecurity practices that are included in industry standards and legal frameworks, and that have been reaffirmed through our collective experience in cyber incident response. COVID-19 resource pages may also include cybersecurity information.

Phishing 40

Phishing Authentication Access Cybersecurity 40

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Third-party service provider risk management program. February 15 deadline looms for first DFS Cybersecurity Certification. Compliance date for next set of DFS cybersecurity regulations is September 4, 2018.

Financial Services 40

Financial Services Authentication Encryption Insurance 40

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. The most prepared cybersecurity programs of today will not attempt to implement a static, “out-of-the-box” solution to cyber risk. Adopting the NIST Cybersecurity Framework.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60