Krebs on Security

JANUARY 25, 2022

” According to the Native American Financial Services Association (NAFSA), a trade group in Washington, D.C. Or how about not learning of the fraudulent loan until it gets handed off to collection agents? Jim says MSF assured him it would, and the loan was never issued. Then on Nov. Then on Nov.

Financial Services 219

Financial Services IT Data breaches Authentication 219

IBM Big Data Hub

FEBRUARY 4, 2022

ISO 20022 was first introduced in 2004 to provide more standardization and deliver richer information for Financial Services transactions. The benefits of providing an enhanced definition for payment transactions include the following: Improving automation to achieve higher straight-through-processing (STP) rates. In the U.S.,

Artificial Intelligence 124

Artificial Intelligence Financial Services Analytics Marketing 124

Hunton Privacy

JUNE 9, 2022

The new law generally follows MDL-668’s provisions, adopting the model law’s broad definition of nonpublic information and requiring licensees to, in part, maintain a written information security program (“WISP”) and investigate cybersecurity incidents. Enforcement and Penalties Under the Law.

Insurance 107

Insurance Security Information Security Cybersecurity 107

Data Protection Report

NOVEMBER 14, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) officially proposed changes to its cybersecurity regulation and opened a 60-day public comment period. Revised Definition of Class A Companies and other Key Requirements. Business Continuity and Disaster Recovery. Notice of Cybersecurity Event.

Cybersecurity 116

Cybersecurity Passwords Risk Compliance 116

Data Matters

MARCH 12, 2019

Last week, the Federal Trade Commission (“FTC”) got into the act as well, releasing two notices of proposed rulemaking (“NPRM”) on potential changes to its the Standards for Safeguarding Customer Information (“Safeguards Rule”) and Privacy of Consumer Financial Information Rule (“Privacy Rule”) under the Gramm-Leach-Bliley Act.

Privacy 68

Privacy IT Information Security Insurance 68

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access 59

Access Military Compliance Personal data 59

Data Protection Report

NOVEMBER 2, 2023

On November 1, 2023, the New York Department of Financial Services (NYDFS) finalized the second amendment to its cybersecurity regulations, which are available here. The two definitions from Section 500.1 a)), this new term applies. NYDFS stated: The Department has revised the language of § 500.17(a)

Cybersecurity 105

Cybersecurity Compliance Financial Services Government 105

erwin

DECEMBER 17, 2020

The same is true for data, with a number of vendors creating data models by vertical industry (financial services, healthcare, etc.) By having a single definition of something, complex ETL doesn’t have to be performed repeatedly. Cloud migration and other data platform modernization efforts: definition is missing here.

Metadata 90

Metadata Analytics Government Financial Services 90

Data Matters

MARCH 21, 2022

The reporting requirements will cover multiple sectors of the economy, including chemical industry entities, commercial facilities, communications sector entities, critical manufacturing, dams, financial services entities, food and agriculture sector entities, healthcare entities, information technology, energy, and transportation.

Ransomware 97

Ransomware Cybersecurity Agriculture Communications 97

Data Matters

JUNE 24, 2022

The fact that the Commission is raising these questions now is not surprising, as the agency has shown increasing interest in these service providers in recent years. Importantly, the definition does not require that an investment adviser exercise discretionary investment authority. Background.

Marketing 88

Marketing Financial Services Analytics Sales 88

Thales Cloud Protection & Licensing

OCTOBER 27, 2021

At a global level, there's a broad acceptance that security teams are tightly involved with policy definition (82%), but an almost even split in relation to enforcement; 37% believe it is the security team’s responsibility while 45% believe that policy enforcement is up to the cloud provider. Is cloud transformation as hard as it seems?

Cloud 71

Cloud Encryption Financial Services Authentication 71

Data Protection Report

APRIL 9, 2024

For example, government contractors or subcontractors with reporting obligations to the DOD or DOE for cyber incidents, or financial services entities that are already required to report cyber incidents to their primary federal regulator would be considered “covered entities” under the CIRCIA.

Ransomware 84

Ransomware Agriculture Cybersecurity Government 84

eSecurity Planet

AUGUST 9, 2022

GDPR (among other legal requirements in the EU and elsewhere) can expose multinational organizations to hefty financial penalties, additional rules for disclosing data breaches, and increased scrutiny of the adequacy of their data security. Regulatory compliance and data privacy issues have long been an IT security nightmare.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

IT Governance

DECEMBER 11, 2023

Compromised information includes patients’ personal data, health and medical records, financial data, internal emails and software source code. Only 3 definitely haven’t had data breached. There are no excuses for not ensuring that people’s personal information is protected if you are using AI systems, products or services.”

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

Collibra

MAY 16, 2022

This want to commingle the solutions likely stems from the Gartner definition published in the Magic Quadrant for Data Quality Solutions, which rightfully states that data quality needs “identification, understanding[,] and correcting flaws in data.”. For financial services, data governance found its roots in risk.

Risk 91

Risk Government Financial Services Access 91

erwin

MAY 2, 2019

Enterprise architect is a common job title within IT organizations at large companies, but the term lacks any standard definition. That’s one of the reasons the enterprise architect role has no standard definition. That’s one of the reasons the enterprise architect role has no standard definition.

Digital transformation 95

Digital transformation Healthcare Compliance Cloud 95

Robert's Db2

SEPTEMBER 27, 2023

When a CGTT can majorly reduce elapsed and CPU time for a process The second Db2 temporary table story I'll relate came to me by way of a Db2 for z/OS systems programmer who works for a financial services organization. I hope that what follows will be of interest to you. a "regular") Db2 table. Indeed so.

Financial Services 62

Financial Services IT Access 62

erwin

DECEMBER 20, 2018

But to ensure the collaborative take on data governance is implemented properly, an organization must settle on a common definition. for Financial Services. www.erwin.com/blog/data-governance-2-0-financial-services/. The Top 6 Benefits of Data Governance. www.erwin.com/blog/top-6-benefits-of-data-governance/.

Government 40

Government Financial Services GDPR Data breaches 40

The Last Watchdog

APRIL 3, 2019

I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this. Not only is the notion of what comprises a perimeter shifting, the definition of what constitutes a “user” is metamorphizing, as well. Users re-defined. Public trust must be maintained.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

DLA Piper Privacy Matters

MARCH 3, 2023

New laws, such as a Cyber Security Act, to provide a more explicit specification of cyber security obligations; Expansion of the existing Security of Critical Infrastructure Act to include customer data and systems within the definition of critical assets. Health care and financial services remain the two highest reporting sectors.

Data breaches 52

Data breaches Security Paper Financial Services 52

IT Governance

APRIL 29, 2024

Only 4 definitely haven’t had data breached. Known data breached Discord (via Spy.pet) Source (New) IT services USA Yes 4,186,879,104 Baidu, Inc., iSharing is used by more than 35 million users. The company has fixed the issue, blaming it on a vulnerability in the app’s groups feature. Data breached: >35 million people’s data.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

Data Matters

FEBRUARY 12, 2019

The forums won’t likely provide definitive answers, they will likely provide some of the best information available. Definition of Unique Identifiers. Updating as needed the definition of unique identifiers. On the one hand, consumer groups advocated to keep the definition of personal information as broad as possible.

Sales 74

Sales Privacy Data Privacy Compliance 74

IBM Big Data Hub

JUNE 26, 2023

AI-based services). One of the few pre-scripted questions I ask in most of the episodes is about the guest’s definition of “hybrid cloud.” It has spawned an entire new industry of companies providing hardware and software for the cloud. ” The answers have all been comparable.

Cloud 61

Cloud Financial Services IT Government 61

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing. Actual Actuarial Validity.

Insurance 78

Insurance Artificial Intelligence Risk Compliance 78

ARMA International

APRIL 18, 2022

Definition and Purpose of a Records Retention Schedule. Certain sectors, such as banking, financial services, health, and insurance have their own data protection and privacy requirements. 8 This is the GDPR definition and other countries have similar broad definitions of personal data.

Personal data 100

Personal data GDPR Privacy Records Management 100

Hunton Privacy

JANUARY 3, 2017

On December 28, 2016, the New York State Department of Financial Services (“DFS”) announced an updated version of its cybersecurity regulation for financial institutions (the “Updated Regulation”). The Updated Regulation will become effective on March 1, 2017. In announcing the Updated Regulation, DFS Superintendent Maria T.

Cybersecurity 40

Cybersecurity Financial Services Authentication Information Security 40

HL Chronicle of Data Protection

JUNE 14, 2019

Please join the Hogan Lovells Privacy and Cybersecurity team and LexisNexis on June 19 for the webinar, Operationalizing the California Consumer Privacy Act – Key Decisions and Compliance Strategies. As the first broad-based state law on consumers’ personal data in the U.S.,

Privacy 40

Privacy GDPR Compliance Financial Services 40

erwin

FEBRUARY 7, 2019

The banking, financial services and insurance industry typically deals with higher data velocity and tighter regulations than most. Organization’s cannot hope to make the most out of a data-driven strategy, without at least some degree of metadata-driven automation. Metadata-Driven Automation in the BFSI Industry.

Metadata 96

Metadata Healthcare Insurance Financial Services 96

Data Matters

DECEMBER 23, 2020

The agencies also estimated that it would take only three hours to evaluate, prepare, and complete certification — acknowledging that this would require “staff time to coordinate internal communications, consult with its bank service provider, if appropriate, and notify the banking organization’s primary federal regulator.

Security 68

Security Cybersecurity Insurance Communications 68

IT Governance

MARCH 11, 2024

Only 3 definitely haven’t had data breached. Source 1 ; source 2 (Update) IT services Taiwan Yes 2,451,197 RMH Franchise Corporation Source (New) Hospitality USA Yes 1.5 Source 1 ; source 2 (Update) IT services Taiwan Yes 2,451,197 RMH Franchise Corporation Source (New) Hospitality USA Yes 1.5 TB Paysign, Inc. TB Paysign, Inc.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

Data Protector

DECEMBER 31, 2016

They're not definitive statements of the law that must be ruthlessly adhered to. Who knows whom I’ll be advising! The Working Group offers opinions. The ICO’s new satellite office in Central London will prove so successful that an increasing number of staff will want to work from that office. It is, after all, quite a long way from Wilmslow.

GDPR 120

GDPR Communications Financial Services Education 120

Data Matters

MARCH 28, 2022

See 45 CFR 164.308(a)(1)(ii)(A)-(B): Implementation Specification: Risk Analysis (required), Implementation Specification: Risk Management (required); see also 45 CFR 164.304 (definition of “Availability”). implement stronger authentication solutions, such as multi-factor authentication. 45 CFR 164.308(a)(5)(i).

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

erwin

JANUARY 7, 2021

In highly regulated environments, such as financial services, healthcare and pharma, attestations, audit trails and compliance reporting are required regardless of circumstances and will be difficult with a manual, laborious approach. However, that definition is too narrow in terms of AI’s relation to data governance.

Metadata 98

Metadata Artificial Intelligence Compliance Government 98

erwin

SEPTEMBER 25, 2020

Data modeling is the process of creating a data model to communicate data requirements, documenting data structures and entity types. It serves as a visual guide in designing and deploying databases with high-quality data sources as part of application development. Why Is Data Modeling Important? A good analogy is that of a house and its architect.

Data structuring 111

Data structuring Cloud Metadata Financial Services 111

IT Governance

NOVEMBER 9, 2018

In brief: Profiling now has a distinct definition. Profiling is most often used for marketing purposes, but it is also used in other areas, such as healthcare, financial services and education, where large volumes of data need to be analysed in order to make quicker and more consistent decisions. Help complying with the GDPR.

GDPR 88

GDPR Personal data Financial Services Compliance 88

Data Protection Report

NOVEMBER 1, 2023

Notably, although the obligation to report to the FTC arises if the notification event involves 500 consumers , the definition of “notification event” hinges on unauthorized access of information belong to customers —a term defined more narrowly than “consumers.”

Encryption 59

Encryption Cybersecurity Data breaches Financial Services 59

IT Governance

JANUARY 16, 2024

Only 4 definitely haven’t had data breached. Publicly disclosed data breaches and cyber attacks: full list This week, we’ve found 249,142,212 records known to be compromised, and 108 organisations suffering a newly disclosed incident. 94 of them are known to have had data breached. Organisation(s) Sector Location Data breached?

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52