Definition, Financial Services, Government and Training

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Revised Definition of Class A Companies. Cybersecurity Governance. Incident Response and Business Continuity and Disaster Recovery Plan.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

As we speed into a new AI era, there’s a critical element that’s often missing when organizations rush forward in hyper-competitive markets to build scalable, trusted AI programs — and that’s AI governance. An AI governance framework offers a blueprint for how to create successful AI products.

Government

Government Risk Financial Services Compliance

Top 6 Best Practices for Data Governance

Collibra

MARCH 11, 2021

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. Focus on the operating model.

Government

Government Communications Insurance Customer Experience

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

6 best practices for a data governance strategy

Collibra

APRIL 11, 2022

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. What are data governance best practices?

Government

Government Communications Insurance Customer Experience

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

See the Top Governance, Risk and Compliance (GRC) Tools. Other industry standards too can have the force of “pseudo-law” – notably, the NIST Cybersecurity Framework, which federal regulators often apply to financial-services firms and government contractors. See the Best Cybersecurity Awareness Training for Employees.

Data Privacy

Data Privacy Compliance Privacy Security

#ModernDataMasters: Nicola Askham, The Data Governance Coach

Reltio

SEPTEMBER 24, 2019

Nicola Askham is the leading data governance training provider in the UK with over 16 years of experience and research in the field. She delivers training and consulting to major organisations to help them implement full data governance frameworks. ” However, I got into data governance totally by accident.

Government

Government Digital transformation Big data IT

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing.

Insurance

Insurance Artificial Intelligence Risk Compliance

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

The law broadens the definition of “private information” which sets forth the information elements that, if breached, could trigger a notification obligation. The Stop Hacks and Improve Electronic Data Security Act. To define “reasonable” safeguards, the statute provides examples of administrative, technical and physical safeguards.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

We have summarised the key compliance obligations under the PIPL below, with new obligations in bold for ease of reference: Relevant Laws/Regulations The PIPL becomes the primary, national-level law governing processing of personal information, but does not replace the existing data privacy framework.

Data Privacy

Data Privacy Privacy Compliance Analytics

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The New York State Department for Financial Services regulations require covered entities to have appropriate record retention policies and procedures and the CCPA provides an extra incentive to implement proper information governance to minimise the costs data access requests. In the U.S., Conquer the world!

Privacy

Privacy GDPR Data breaches Risk

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

ARMA International

DECEMBER 26, 2019

Government topped the list of vertical industries at 23%. in 2017), with the remainder reporting into senior administrative roles, compliance, corporate services, or finance teams. in 2017), with the remainder reporting into senior administrative roles, compliance, corporate services, or finance teams.

Content services

Content services Cloud Records Management Privacy

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

HL Chronicle of Data Protection

MARCH 14, 2019

The proposed Rule would allow the CISO to be an employee of a service provider or affiliate, although in that case the FI would be required to designate a senior member of its personnel to direct and oversee the CISO. Employee training. Board reporting. Periodic risk assessments.

Privacy

Privacy Risk Cybersecurity Information Security

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The New York State Department for Financial Services regulations require covered entities to have appropriate record retention policies and procedures and the CCPA provides an extra incentive to implement proper information governance to minimise the costs data access requests. In the U.S., Conquer the world!

Privacy

Privacy GDPR Data breaches Risk

US: Surviving the service provider data breach

DLA Piper Privacy Matters

JULY 30, 2019

Some states – such as Alabama, Massachusetts and New York (for financial services companies) – prescribe particular requirements of a “reasonable” cybersecurity program. At least nine states expressly extend these requirements to service providers. Proof of adequate cyber insurance coverage.

Data breaches

Data breaches Cybersecurity Financial Services Risk

European Commission publishes long-awaited draft Regulation on Artificial Intelligence

DLA Piper Privacy Matters

APRIL 26, 2021

Definition of AI system. The definition of an AI system is intended to be technology-neutral and future-proof, while providing legal certainty. a) The definition of a high-risk AI system. Governance, enforcements and sanctions . a) European Artificial Intelligence Board. d) Sanctions.

Artificial Intelligence

Artificial Intelligence Risk Marketing GDPR

Congress Passes Cyber Incident Reporting for Critical Infrastructure Act of 2022

Data Matters

MARCH 21, 2022

The reporting requirements will cover multiple sectors of the economy, including chemical industry entities, commercial facilities, communications sector entities, critical manufacturing, dams, financial services entities, food and agriculture sector entities, healthcare entities, information technology, energy, and transportation.

Ransomware

Ransomware Cybersecurity Agriculture Communications

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

IT Governance

JANUARY 16, 2024

Only 4 definitely haven’t had data breached. GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St. 94 of them are known to have had data breached. Organisation(s) Sector Location Data breached?

Data Privacy

Data Privacy Privacy Manufacturing Retail

NYDFS proposes significant cybersecurity regulation amendments

Data Protection Report

AUGUST 11, 2022

On July 29, 2022, the New York Department of Financial Services (NYDFS) announced a “pre-proposed outreach” of material proposed changes to almost every section of its cybersecurity regulations, and would affect each entity covered by the current regulations of 23 NYCRR Part 500. Governance. The Proposed Regulation Changes.

Cybersecurity

Cybersecurity Risk Passwords Compliance

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

Only 1 definitely hasn’t had data breached. The first chapter covers the lawful basis for training generative AI models on web-scraped data and is open until 1 March. Subscribe now The post The Week in Cyber Security and Data Privacy: 15 – 21 January 2024 appeared first on IT Governance UK Blog.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

That's quite a narrow definition. What can they do within the workforce, although this sort of job and sort of landscape we try and work out what they can do, which is the definition of authorization, essentially, this is Simon, what can he do today? Vamosi: And it’s not just in the work environment. I use a password manager.

Passwords

Passwords Authentication Access Data breaches

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Only 4 definitely haven’t had data breached. Subscribe now The post The Week in Cyber Security and Data Privacy: 22 – 28 April 2024 appeared first on IT Governance UK Blog. 117 of them are known to have had data exfiltrated, exposed or otherwise breached. Organisation(s) Sector Location Data breached?

Data Privacy

Data Privacy Privacy Manufacturing Security

The Hacker Mind: MITRE ATT&CK Evaluations

ForAllSecure

MAY 4, 2021

government agencies. Duff: What MITRE does is provide usually high level understanding to our government customers on problems that they face, and that can range anything from work we do with the FAA to work we do with the NCC OE so the National Cybersecurity Center of Excellence, which is operated by NIST, a variety of programs in between.

Government

Government IT Access Analytics

The Hacker Mind: MITRE ATT&CK Evaluations

ForAllSecure

MAY 4, 2021

government agencies. Duff: What MITRE does is provide usually high level understanding to our government customers on problems that they face, and that can range anything from work we do with the FAA to work we do with the NCC OE so the National Cybersecurity Center of Excellence, which is operated by NIST, a variety of programs in between.

Government

Government IT Access Analytics

Information Management Today

NYDFS Amends Cybersecurity Rules for Financial Services Companies

AI Governance: Why our tested framework is essential in an AI world

Webinars

Trending Sources

Top 6 Best Practices for Data Governance

Webinars

6 best practices for a data governance strategy

Security Compliance & Data Privacy Regulations

#ModernDataMasters: Nicola Askham, The Data Governance Coach

NYDFS issues significant guidance on insurers using AI or external data

New York Enacts Stricter Data Cybersecurity Laws

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

The Privacy Officers’ New Year’s Resolutions

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

The Privacy Officers’ New Year’s Resolutions

US: Surviving the service provider data breach

European Commission publishes long-awaited draft Regulation on Artificial Intelligence

Congress Passes Cyber Incident Reporting for Critical Infrastructure Act of 2022

The Week in Cyber Security and Data Privacy: 8 – 14 January 2024

NYDFS proposes significant cybersecurity regulation amendments

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

The Hacker Mind Podcast: Going Passwordless

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

The Hacker Mind: MITRE ATT&CK Evaluations

The Hacker Mind: MITRE ATT&CK Evaluations

Stay Connected