Data, Financial Services, Government and Training

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. The Amendment also includes new governance requirements and responsibilities applicable to the CISO of all covered entities.

Financial Services

Financial Services Cybersecurity Compliance Government

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. The primary challenge financial and insurance organizations are facing is the sheer volume of documents that require processing.

Financial Services

Financial Services Insurance Digital transformation Paper

What can AI and generative AI do for governments?

IBM Big Data Hub

SEPTEMBER 20, 2023

When implemented in a responsible way—where the technology is fully governed, privacy is protected and decision making is transparent and explainable—AI has the power to usher in a new era of government services. AI’s value is not limited to advances in industry and consumer products alone.

Government

Government Artificial Intelligence Privacy Digital transformation

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Cybersecurity Governance. The proposed amendments revise several aspects of the draft Cybersecurity Rule amendments released on July 29, 2022. Cybersecurity Plan.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

Automated governance and trustworthy AI

IBM Big Data Hub

JUNE 7, 2022

Governments and regulatory bodies around the world are working to establish safety standards. The proposed rules aim to govern automated valuation models to protect borrowers. The announcement highlighted the crucial role of training data, and the terrible consequences of using data that “fails to represent American society.”.

Government

Government Financial Services Compliance Cloud

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

SEPTEMBER 28, 2021

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. The context here is enabling innovative data use involving data sharing by different controllers, rather than clarification. The deadline for responding to the consultation is 19 November 2021.

Government

Government FOIA GDPR Compliance

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

As we speed into a new AI era, there’s a critical element that’s often missing when organizations rush forward in hyper-competitive markets to build scalable, trusted AI programs — and that’s AI governance. An AI governance framework offers a blueprint for how to create successful AI products.

Government

Government Risk Financial Services Compliance

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

6 best practices for a data governance strategy

Collibra

APRIL 11, 2022

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. Identify data domains.

Government

Government Communications Insurance Customer Experience

Top 6 Best Practices for Data Governance

Collibra

MARCH 11, 2021

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. Operating model example.

Government

Government Communications Insurance Customer Experience

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Lacewell stated that cybersecurity is the biggest risk for government and private organizations and described how the Framework is based on “extensive dialogue with industry and experts.”. The Framework. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

Tackling Data Sovereignty with DDR

Security Affairs

JUNE 20, 2023

Data-centric distributed resilience (DDR) offers a compelling approach to addressing data sovereignty in cybersecurity. As much of our modern life relies upon the cloud, the question of data protection is front of mind for many organizations. Data sovereignty plays a crucial role in a robust security strategy.

Compliance

Compliance Cybersecurity Risk Encryption

From principles to actions: building a holistic approach to AI governance

IBM Big Data Hub

SEPTEMBER 27, 2022

Whether it be financial services, employee hiring, customer service management or healthcare administration, AI is increasingly powering critical workflows across all industries. Data and insights belong to their creator. IBM clients’ data is their data, and their insights are their insights.

Government

Government Compliance Data science Financial Services

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea. ” reads the announcement.

Government

Government Military Financial Services IT

#ModernDataMasters: Nicola Askham, The Data Governance Coach

Reltio

SEPTEMBER 24, 2019

Nicola Askham is the leading data governance training provider in the UK with over 16 years of experience and research in the field. She delivers training and consulting to major organisations to help them implement full data governance frameworks. Kate Tickner, Reltio.

Government

Government Digital transformation Big data IT

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud

Cloud Financial Services Compliance Digital transformation

Finance sector must simplify staff awareness training

IT Governance

APRIL 11, 2019

Financial services firms must do more to educate employees about cyber security, according to the FCA (Financial Conduct Authority). Organisations need to make staff awareness training a board-level priority. Staff awareness training is a crucial part of this. Recruit champions.

Retail

Retail Risk Education Financial Services

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing.

Insurance

Insurance Artificial Intelligence Risk Compliance

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Data breaches in the retail sector illustrate the vulnerabilities inherent to this industry, emphasizing the need for robust cybersecurity measures. This finding not only underscores the vulnerability of the retail sector but also accentuates the financial repercussions of such breaches.

Retail

Retail Cybersecurity Financial Services Encryption

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

The financial sector is quite heavily regulated, and involves a lot of confidential data. You’d therefore expect that the sector fares better at data security than your average organisation. In fact, in 2020–2022, the financial sector was the second-most attacked sector, topped only by the retail and manufacturing sector.

Risk

Risk Data breaches Authentication Financial Services

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

So, as ever, this blog series examines recent phishing campaigns and the tactics criminals use to trick people into compromising their data. These phishing emails have reached the inboxes of users in multiple industries, including finance, manufacturing, financial services, energy, construction and healthcare.

Phishing

Phishing Financial Services Manufacturing Personal data

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

The advent of quantum-safe cryptography is essential to protect sensitive data against the superior capabilities of quantum computers. This development model enables enterprises to conduct model training and processing directly at the edge or on-premises. The implications for business are profound. Gartner has recognized this shift.

Cybersecurity

Cybersecurity Blockchain Artificial Intelligence Encryption

How to responsibly scale business-ready generative AI

IBM Big Data Hub

JUNE 26, 2023

Possibilities are growing that include assisting in writing articles, essays or emails; accessing summarized research; generating and brainstorming ideas; dynamic search with personalized recommendations for retail and travel; and explaining complicated topics for education and training. What is generative AI? What is watsonx.governance?

Retail

Retail Compliance Risk Education

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Consider installing and using a VPN.

Ransomware

Ransomware Passwords Encryption Financial Services

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. Like other competitive GRC solutions, it speeds the process of aggregating and mining data, building reports, and managing files.

Compliance

Compliance Risk Government Retail

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

IBM Big Data Hub

JANUARY 10, 2024

Hybrid cloud is also forcing a significant rethinking of how to secure and protect data and assets. Confidential computing is an emerging foundational capability that enables the protection of data-in-use. This unique capability is designed for workloads that have strong data sovereignty, regulatory or data privacy requirements.

Security

Security Cloud Data Privacy Financial Services

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real estate company, Deutsche Wohnen SE, relating to the excessive retention of personal data. How should businesses change their attitudes towards data retention?

Privacy

Privacy Compliance Personal data Risk

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

As data and IT infrastructure become more valuable by the day, cybersecurity risk management is increasingly important for enterprises with a steep cost for noncompliance or extensive, unaddressed vulnerabilities. Also read : Top Governance, Risk, and Compliance (GRC) Tools for 2022. Mapping Environment Data.

Risk

Risk Cybersecurity Encryption Access

The aftermath of an incident – business considerations surrounding record-keeping

Data Protection Report

AUGUST 2, 2022

Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries. For a purchaser, records of privacy incidents provide valuable information about the vendor’s privacy governance structure. Risk management and mitigation.

Compliance

Compliance Privacy Risk Financial Services

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 The culprit: lax practices of a third-party data and analytics contractor. One might assume top-tier financial services firms and healthcare vendors would have solved third-party cyber exposures by now. Uphill battle.

Risk

Risk Financial Services Insurance Cybersecurity

Turning climate risks into business opportunities

IBM Big Data Hub

MARCH 27, 2024

In some business sectors, such as financial services, fast-moving consumer goods and healthcare, business interruptions can have a significant detrimental impact on daily life. Their state governments must order electricity for their citizens in advance, and they used to predict demand manually by using spreadsheets.

Risk

Risk Artificial Intelligence Agriculture Financial Services

How ATB Financial drives agile data ops with Collibra and GCP

Collibra

MARCH 23, 2021

ATB Financial provides a diversified set of financial services to more than 770,000 residents of Alberta, Canada. Being a regionally focused institution, the group is dedicated to knowing its customers intimately, understanding their needs and providing products and services that help them achieve their goals.

Cloud

Cloud Government Access Metadata

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Ransomware. Crimeware and spyware.

Ransomware

Ransomware Cybersecurity Phishing Encryption

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. The Order alleges that this vulnerability exposed over 800 million images dating back to 2003, including sensitive personal data, such as Social Security numbers and financial information.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

BIPA Year in Review: Where Are We Now and What’s Coming Next?

Data Protection Report

NOVEMBER 16, 2022

BIPA exempts certain types of entities, namely, organizations that are governed by certain federal laws including the X-Ray Retention Act, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and the Gramm-Leach-Bliley Act (“GLBA”). Who is covered by BIPA? 740 ILCS 14/25(b)-(c). DePaul University , Case No.

Financial Services

Financial Services Privacy Compliance Insurance

How Long Should I Keep This Business Record For?

AIIM

MARCH 3, 2020

Too often I hear one of two, equally bad answers: Keep Records for Seven years: This seems to be the de facto answer, especially for financial services records. Internal Revenue Service rules around when they can audit individual and corporate tax returns. BIG DATA!!! As near as I can tell, this comes from the U.S.

Records Management

Records Management Financial Services Big data Analytics

State Attackers Moving from Stealing Data to Social Meddling

Ascent Innovations

MAY 17, 2018

State Attackers Moving from Stealing Data to Social Meddling. State-sponsored attacks are expanding from cyber-physical (compromise data or critical infrastructure), to cyber-social (influence the opinions and actions of people). State actors tend to zero in on government agencies or utilities and energy targets. New bad actors.

Energy and Utilities

Energy and Utilities IoT Mining Financial Services

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

JUNE 20, 2020

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. The tech giant removed over 100 Chrome browser extensions from the official Web Store.

Healthcare

Healthcare Financial Services Communications Security

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

For many organizations, the idea of storing data or running applications on infrastructure that they do not manage directly seems inherently insecure. According to IDC’s 2021 State of Cloud Security Report , 79 percent of surveyed companies reported a cloud data breach in the last 18 months.

Cloud

Cloud Security Encryption Risk

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Webinars

Trending Sources

What can AI and generative AI do for governments?

Webinars

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Automated governance and trustworthy AI

UK Government sets out proposals to shake up UK data protection laws

Security Compliance & Data Privacy Regulations

AI Governance: Why our tested framework is essential in an AI world

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

6 best practices for a data governance strategy

Top 6 Best Practices for Data Governance

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Tackling Data Sovereignty with DDR

From principles to actions: building a holistic approach to AI governance

$8 million penalty to NYDFS – and another case of over-retention

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

#ModernDataMasters: Nicola Askham, The Data Governance Coach

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

Finance sector must simplify staff awareness training

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

NYDFS issues significant guidance on insurers using AI or external data

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Risk Management under the DORA Regulation

Catches of the Month: Phishing Scams for October 2023

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

How to responsibly scale business-ready generative AI

Avoslocker ransomware gang targets US critical infrastructure

Top 10 Governance, Risk and Compliance (GRC) Vendors

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

What is Cybersecurity Risk Management?

The aftermath of an incident – business considerations surrounding record-keeping

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Turning climate risks into business opportunities

How ATB Financial drives agile data ops with Collibra and GCP

What is a Cyberattack? Types and Defenses

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

BIPA Year in Review: Where Are We Now and What’s Coming Next?

How Long Should I Keep This Business Record For?

State Attackers Moving from Stealing Data to Social Meddling

New York Enacts Stricter Data Cybersecurity Laws

Hundreds of malicious Chrome browser extensions used to spy on you!

Top 12 Cloud Security Best Practices for 2021

Stay Connected