Data, Financial Services, Security and Training

Defending Financial Services Against Fraud in a Shifting Cyber Landscape

Thales Cloud Protection & Licensing

NOVEMBER 13, 2023

Defending Financial Services Against Fraud in a Shifting Cyber Landscape sparsh Tue, 11/14/2023 - 05:05 As we approach International Fraud Awareness Week during 12-18 November 2023, taking stock of the evolving threat landscape and the vulnerabilities that financial services organizations face is crucial.

Financial Services

Financial Services Blockchain Encryption Cloud

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

DLA Piper Privacy Matters

AUGUST 8, 2023

Authors: Carolyn Bigg, Amanda Ge and Venus Cheung On July 24, 2023, the People’s Bank of China (“ PBOC ”) released the Measures for the Management of Data Security in the Business Areas Falling into PBOC’s Jurisdiction (Draft for Comment) (“ Draft Measures” ) for public consultation, which closes on August 24, 2023.

Financial Services

Financial Services Personal data Compliance Data collection

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. Covered entities shall also provide at least annual training and cybersecurity awareness programs that anticipate social engineering attacks (500.14).

Financial Services

Financial Services Cybersecurity Compliance Government

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

The Last Watchdog

JULY 11, 2023

When it comes to alternative asset trading, protecting investor data is of critical importance. Related: Preserving the privacy of the elderly As more traders and investors engage in these investment avenues, it is crucial to adopt robust security measures to safeguard sensitive and regulated information.

IT

IT Encryption Risk Financial Services

Assessing Growing Cyberthreats to Africa's Financial Sector

Data Breach Today

SEPTEMBER 27, 2022

Rob Dartnall of Security Alliance Shares Insights on Current and Emerging Trends Financial services firms in Africa are becoming bigger cyber targets as they expand into new mobile payment and financial inclusion products.

Financial Services

Financial Services Cybersecurity Security

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. Going forward, businesses need to fill these gaps with the right solutions to manage critical information assets securely and effectively.

Financial Services

Financial Services Insurance Digital transformation Paper

Vermont Enacts Insurance Data Security Law

Hunton Privacy

JUNE 9, 2022

515 , making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). Information Security Program Requirements. On May 27, 2022, Vermont Governor Phil Scott signed H.515

Insurance

Insurance Security Information Security Cybersecurity

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Covered Entities must have a monitoring process that ensures prompt notification of any new security vulnerabilities. Cybersecurity Governance.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

How to Prevent Data Breaches: Data Breach Prevention Tips

eSecurity Planet

AUGUST 22, 2023

With the ever-present threat of data breaches, organizations need to adopt best practices to help prevent breaches and to respond to them when they occur to limit any damage. And breaches will occur – because bad guys make a living by figuring out ways to circumvent security best practices. But it requires different levels of security.

Data breaches

Data breaches Big data Cybersecurity Security

New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks

HL Chronicle of Data Protection

APRIL 17, 2020

Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic. Data Loss Prevention – ensure employees are not sending nonpublic information to personal email accounts and devices.

Financial Services

Financial Services Risk Cybersecurity Phishing

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps

The Last Watchdog

MARCH 31, 2020

Related: A firewall for microservices DevSecOps arose to insert security checks and balances into DevOps, aiming to do so without unduly degrading speed and agility. If you’re thinking that speed and security are like oil and water, you’re right. For a full drill down on our discussion, please give the accompanying podcast a listen.

Security

Security Privacy Financial Services Risk

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Authorized property/casualty insurers should use a data-driven and comprehensive plan to assess gaps and vulnerabilities in the cybersecurity of their insureds and potential insureds. Rigorously Measure Insured Risk. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

Tackling Data Sovereignty with DDR

Security Affairs

JUNE 20, 2023

Data-centric distributed resilience (DDR) offers a compelling approach to addressing data sovereignty in cybersecurity. As much of our modern life relies upon the cloud, the question of data protection is front of mind for many organizations. Data sovereignty plays a crucial role in a robust security strategy.

Compliance

Compliance Cybersecurity Risk Encryption

NY Department of Financial Services Issues Guidance to Regulated Entities Regarding Cybersecurity During the COVID-19 Pandemic

Hunton Privacy

APRIL 22, 2020

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

Financial Services

Financial Services Cybersecurity Phishing Risk

The convergence of HPC and AI: Driving innovation at speed

IBM Big Data Hub

APRIL 5, 2024

As an integrated solution across critical components of computing, network, storage and security, the platform aims to assist enterprises in addressing regulatory and efficiency demands. With data nearly everywhere, organizations often possess an existing repository acquired from running traditional HPC simulation and modeling workloads.

Artificial Intelligence

Artificial Intelligence Computer and Electronics Financial Services Manufacturing

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

IBM Big Data Hub

JANUARY 10, 2024

Hybrid cloud has become the dominant approach for enterprise cloud strategies , but it comes with complexity and concerns over integration, security and skills. Hybrid cloud is also forcing a significant rethinking of how to secure and protect data and assets.

Security

Security Cloud Data Privacy Financial Services

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. For many organizations, the idea of storing data or running applications on infrastructure that they do not manage directly seems inherently insecure. What is cloud security?

Cloud

Cloud Security Encryption Risk

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud

Cloud Financial Services Compliance Digital transformation

Finance sector must simplify staff awareness training

IT Governance

APRIL 11, 2019

Financial services firms must do more to educate employees about cyber security, according to the FCA (Financial Conduct Authority). What should financial organisations be doing? Organisations need to make staff awareness training a board-level priority. Staff awareness training is a crucial part of this.

Retail

Retail Risk Education Financial Services

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Data breaches in the retail sector illustrate the vulnerabilities inherent to this industry, emphasizing the need for robust cybersecurity measures. This finding not only underscores the vulnerability of the retail sector but also accentuates the financial repercussions of such breaches. This is a critical lesson for retailers.

Retail

Retail Cybersecurity Financial Services Encryption

NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity

Cybersecurity IT Compliance Financial Services

5 things to know: IBM Cloud’s mission to accelerate innovation for clients

IBM Big Data Hub

AUGUST 1, 2023

We are bringing the power of foundation models with the availability of a GPU as a service on IBM Cloud offering to help organizations tap into artificial intelligence (AI) in a secured environment while aiming to mitigate third- and fourth-party risk.

Financial Services

Financial Services Computer and Electronics Cloud Digital transformation

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

Hunton Privacy

JULY 12, 2021

On June 30, 2021, the New York State Department of Financial Services (“NYDFS,” the “Department”) issued guidance to all New York state regulated entities on ransomware (the “Guidance”), identifying controls it expects regulated companies to implement whenever possible.

Ransomware

Ransomware Security Financial Services Cybersecurity

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

NOVEMBER 9, 2020

We’ve surrounded ourselves with embedded sensors continually transmitting data across the internet. IoT devices help remotely control our household appliances, power plants, smart buildings, factories, airports, shipyards, trucks, trains and military. The mainstreaming of IoT IoT very clearly has gone mainstream.

IoT

IoT Passwords Artificial Intelligence Risk

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing

Phishing Financial Services Manufacturing Personal data

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

The financial sector is quite heavily regulated, and involves a lot of confidential data. You’d therefore expect that the sector fares better at data security than your average organisation. In fact, in 2020–2022, the financial sector was the second-most attacked sector, topped only by the retail and manufacturing sector.

Risk

Risk Data breaches Authentication Financial Services

Conversational AI use cases for enterprises

IBM Big Data Hub

FEBRUARY 23, 2024

DL models can improve over time through further training and exposure to more data. Predictive analytics integrates with NLP, ML and DL to enhance decision-making capabilities, extract insights, and use historical data to forecast future behavior, preferences and trends.

Analytics

Analytics Artificial Intelligence Marketing Education

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

The advent of quantum-safe cryptography is essential to protect sensitive data against the superior capabilities of quantum computers. This development model enables enterprises to conduct model training and processing directly at the edge or on-premises. The implications for business are profound. Gartner has recognized this shift.

Cybersecurity

Cybersecurity Blockchain Artificial Intelligence Encryption

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. hard drive, storage device, the cloud).

Ransomware

Ransomware Passwords Encryption Financial Services

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

OCR concludes most cyber-attacks could be prevented or substantially mitigated if HIPAA covered entities and business associates implemented HIPAA Security Rule requirements to address the most common types of attacks. implement a security awareness and training program for all workforce members pursuant to the HIPAA Security Rule.

Cybersecurity

Cybersecurity Privacy Insurance Risk

How Jamworks protects confidentiality while integrating AI advantages

IBM Big Data Hub

JANUARY 12, 2024

For enterprises dealing with sensitive information, it is vital to maintain state-of-the-art data security in order to reap the rewards,” says Stuart Winter, Executive Chairman and Co-Founder at Lacero Platform Limited, Jamworks and Guardian. Jamworks has two core products: Jamworks for Education and Jamworks for Business.

Cloud

Cloud Data Privacy Encryption Privacy

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 The culprit: lax practices of a third-party data and analytics contractor. One might assume top-tier financial services firms and healthcare vendors would have solved third-party cyber exposures by now. Uphill battle.

Risk

Risk Financial Services Insurance Cybersecurity

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. Also read: The Best Wi-Fi 6 Routers Secure and Fast Enough for Business. In May, cybersecurity researchers revealed that ransomware attacks are increasing their aggressive approach by destroying data instead of encrypting it.

Ransomware

Ransomware Cybersecurity Phishing Encryption

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

As data and IT infrastructure become more valuable by the day, cybersecurity risk management is increasingly important for enterprises with a steep cost for noncompliance or extensive, unaddressed vulnerabilities. Mapping Environment Data. Read more : Top Database Security Solutions for 2022. Risk-Reward Calculation.

Risk

Risk Cybersecurity Encryption Access

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

The most valuable AI use cases for business

IBM Big Data Hub

FEBRUARY 14, 2024

But right now, pure AI can be programmed for many tasks that require thought and intelligence , as long as that intelligence can be gathered digitally and used to train an AI system. Generative AI can produce high-quality text, images and other content based on the data used for training.

Artificial Intelligence

Artificial Intelligence Retail Unstructured data Insurance

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

KnowBe4

MARCH 28, 2023

Security awareness training still has a place to play here." Email and other elements of software infrastructure offer built-in fundamental security that largely guarantees we are not in danger until we ourselves take action," Tyson writes. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.

Phishing

Phishing Security awareness Insurance Cybersecurity

The aftermath of an incident – business considerations surrounding record-keeping

Data Protection Report

AUGUST 2, 2022

Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries. M&A and Securities law. In this post we discuss the operational advantages of a good privacy breach record-keeping program. Risk management and mitigation.

Compliance

Compliance Privacy Risk Financial Services

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

KnowBe4

FEBRUARY 14, 2023

[link] Spear Phishing Attacks Increase 127% As Use of Impersonation Skyrockets Impersonation of users, domains and brands is on the rise, as is the use of malicious links, in response to security vendors improving their ability to detect malicious attachments. Blog post with links: [link] Are Your Users Making Risky Security Mistakes?

Phishing

Phishing Security awareness Compliance Risk

Defending Financial Services Against Fraud in a Shifting Cyber Landscape

CHINA: New draft proposes more stringent requirements for processing data in the financial services industry

Webinars

Trending Sources

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Webinars

Security Compliance & Data Privacy Regulations

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

Assessing Growing Cyberthreats to Africa's Financial Sector

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Vermont Enacts Insurance Data Security Law

NYDFS Amends Cybersecurity Rules for Financial Services Companies

How to Prevent Data Breaches: Data Breach Prevention Tips

New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Tackling Data Sovereignty with DDR

NY Department of Financial Services Issues Guidance to Regulated Entities Regarding Cybersecurity During the COVID-19 Pandemic

The convergence of HPC and AI: Driving innovation at speed

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

Top 12 Cloud Security Best Practices for 2021

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

Finance sector must simplify staff awareness training

$8 million penalty to NYDFS – and another case of over-retention

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats

5 things to know: IBM Cloud’s mission to accelerate innovation for clients

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

Catches of the Month: Phishing Scams for October 2023

Risk Management under the DORA Regulation

Conversational AI use cases for enterprises

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Avoslocker ransomware gang targets US critical infrastructure

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

How Jamworks protects confidentiality while integrating AI advantages

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

What is a Cyberattack? Types and Defenses

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

What is Cybersecurity Risk Management?

New York Enacts Stricter Data Cybersecurity Laws

The most valuable AI use cases for business

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

The aftermath of an incident – business considerations surrounding record-keeping

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

Stay Connected