Data Matters

MARCH 12, 2019

Over the last few years, States have enacted increasingly aggressive legislation concerning data privacy and security, raising concerns that companies will be subject to a patchwork of different standards. Aligning the Safeguards Rule with State Regimes.

Privacy 68

Privacy IT Information Security Insurance 68

Data Protection Report

JANUARY 6, 2020

Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs. GDPR wasn’t the beginning and it’s definitely not the end. Overwhelmed at the prospect?

Privacy 84

Privacy GDPR Data breaches Risk 84

Data Matters

AUGUST 5, 2019

Together, the new laws require the implementation of reasonable data security safeguards, expand breach reporting obligations for certain types of information, and require that a “consumer credit reporting agency” that suffers a data breach provide five years of identity theft prevention services for impacted residents.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Hunton Privacy

JANUARY 3, 2017

On December 28, 2016, the New York State Department of Financial Services (“DFS”) announced an updated version of its cybersecurity regulation for financial institutions (the “Updated Regulation”). The Updated Regulation will become effective on March 1, 2017.

Cybersecurity 40

Cybersecurity Financial Services Authentication Information Security 40

Data Matters

APRIL 11, 2022

The Cyber Security Law (2017) (the CSL ) prohibits operators of critical information infrastructures ( CIIs ) from transferring their “important data” and personal information outside of China. The CSL does not provide a definition for “important data”. Network Data Security Regulation. The CSL and the DSL.

Military 88

Military Artificial Intelligence Security Financial Services 88

Data Protection Report

JANUARY 6, 2020

Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs. GDPR wasn’t the beginning and it’s definitely not the end. Overwhelmed at the prospect?

Privacy 52

Privacy GDPR Data breaches Risk 52

HL Chronicle of Data Protection

MARCH 14, 2019

The proposed changes to the Safeguards Rule add a number of more detailed security requirements, whereas the proposed changes to the Privacy Rule are more focused on technical changes to align the Rule with changes in law over the past decade. It includes general, high level elements of a security program, but lacks detailed security steps.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

Preservica

NOVEMBER 6, 2017

I recently spoke with the IG director for a global financial services firm about progress in addressing long-term digital information. Leadership is aware that secure, authenticated access to digital information is vital for decision making, meeting compliance and legal requirements, and sustaining client relationships.

Digital preservation 56

Digital preservation Information governance Government Archiving 56

DLA Piper Privacy Matters

AUGUST 23, 2021

Definition of Personal information and Sensitive Personal information “Personal information” means any kind of information relating to an identified or identifiable natural person, either electronically or otherwise recorded, but excluding information that has been de-identified or anonymised.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

DLA Piper Privacy Matters

JULY 30, 2019

Effective cybersecurity requires organizations to move beyond perimeter defense of their own network to protecting sensitive data in the hands of service providers. From a security and legal perspective, service provider cybersecurity requires significant attention and coordination by all parties both before and after hitting the breach.

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

ARMA International

DECEMBER 26, 2019

Just 59% of surveyed RIM professionals are included in their company’s IT strategic planning, including activities such as requirements definition and vendor selection – down from 67% in 2017. The top objection to using the cloud for digital records continues to be potential privacy or security concerns – no change from 2017.

Content services 76

Content services Cloud Records Management Privacy 76

Hunton Privacy

MAY 13, 2011

The provisions are aimed at standardizing the requirements for reporting security breaches by, among other things, establishing statutory definitions of a “security breach” and “sensitive personally identifiable information.”.

Cybersecurity 40

Cybersecurity Data breaches Information Security Financial Services 40

Data Matters

SEPTEMBER 4, 2019

NAIC Evaluating Definition of “Best Interest” to Determine Whether to Impose Such a Standard in the Suitability in Annuity Transactions Model Regulation. The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019.

Insurance 68

Insurance Paper Risk Analytics 68

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access 58

Access Military Compliance Personal data 58

Hunton Privacy

JANUARY 20, 2023

As financial services authorities move to regulate digital assets in jurisdictions worldwide, the paper highlights the need to bring privacy regulators into the discussion so that data privacy issues affecting blockchain are addressed in tandem. Data security. Accountability.

Paper 134

Paper Blockchain Privacy Financial Services 134

IBM Big Data Hub

NOVEMBER 29, 2023

Financial Services clients are increasingly looking to modernize their applications. Moreover, many of these financial services applications support regulated workloads, which require strict levels of security and compliance, including Zero Trust protection of the workloads. initiative.

Cloud 99

Cloud Financial Services Security Compliance 99

ForAllSecure

JUNE 16, 2021

APIs are vital in our mobile digital world, but the consequences of API security flaws have yet to be seen. During the pandemic sales of the Home Fitness cycle peloton grew massively, given its popularity, it's natural that security researchers would want to take a look. And we've had our fair share of security concerns with those.

Authentication 52

Authentication Communications IoT Security 52

ForAllSecure

JUNE 16, 2021

APIs are vital in our mobile digital world, but the consequences of API security flaws have yet to be seen. During the pandemic sales of the Home Fitness cycle peloton grew massively, given its popularity, it's natural that security researchers would want to take a look. And we've had our fair share of security concerns with those.

Authentication 52

Authentication Communications IoT Security 52

Data Protection Report

APRIL 9, 2024

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which imposes new reporting requirements for entities operating in critical infrastructure sectors.

Ransomware 83

Ransomware Agriculture Cybersecurity Government 83

DLA Piper Privacy Matters

APRIL 26, 2021

There is a tiering of regulatory requirements depending on the inherent risk associated with the AI system / practices that is being used. At the highest risk level are prohibited AI practices. High Risk AI systems. The AI Regulation creates a separate tier of high risk AI systems. Lower risk AI systems.

Artificial Intelligence 114

Artificial Intelligence Risk Marketing GDPR 114

IT Governance

JANUARY 23, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight More than 70 million email addresses added to Have I Been Pwned The security researcher Troy Hunt has added more than 70 million email addresses from the Naz.API data set to his Have I Been Pwned data breach notification service. VF Corporation confirms 35.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Only 3 definitely haven’t had data breached. 138 of them are known to have had data exfiltrated or exposed. We’ve also found 6 organisations providing a significant update on a previously disclosed incident.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

JANUARY 16, 2024

Only 4 definitely haven’t had data breached. Securities and Exchange Commission Source 1 ; source 2 (New) Public USA No 0 NETGEAR Source (New) Telecoms USA No 0 Note 1: ‘New’/‘Update’ in the first column refers to whether this breach was first publicly disclosed this week, or whether a significant update was released this week.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Matters

MARCH 21, 2022

Congress has passed a significant new cybersecurity law that will require critical infrastructure entities to report material cybersecurity incidents and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 and 24 hours, respectively. 651, et seq. Section 2240(4).

Ransomware 97

Ransomware Cybersecurity Agriculture Communications 97

Collibra

MAY 16, 2022

This want to commingle the solutions likely stems from the Gartner definition published in the Magic Quadrant for Data Quality Solutions, which rightfully states that data quality needs “identification, understanding[,] and correcting flaws in data.”. Consider the examples from our peer industries: Operational Risk. Cyber Security.

Risk 91

Risk Government Financial Services Access 91

Data Protection Report

AUGUST 11, 2022

On July 29, 2022, the New York Department of Financial Services (NYDFS) announced a “pre-proposed outreach” of material proposed changes to almost every section of its cybersecurity regulations, and would affect each entity covered by the current regulations of 23 NYCRR Part 500. Cybersecurity Risk Assessments.

Cybersecurity 58

Cybersecurity Risk Passwords Compliance 58

ForAllSecure

JANUARY 19, 2022

Is there something more secure? Simon Moffatt from CyberHut joins The Hacker Mind to discuss how identity and access management (IAM) is fundamental to everything we do online today, and why even multi-factor access, while an improvement, needs to yield to more effortless and more secure passwordless technology that’s coming soon.

Passwords 52

Passwords Authentication Access Data breaches 52

Data Matters

DECEMBER 28, 2020

The GCC uses a risk-based capital (RBC) aggregation approach intended to act as an additional group supervisory tool for regulators, in conjunction with the Form F Enterprise Risk Report, Own Risk and Solvency Assessment (ORSA) report, and the Corporate Governance Annual Disclosure. 43R —Loan-Backed and Structured Securities.

Insurance 68

Insurance Paper Risk Analytics 68

IBM Big Data Hub

OCTOBER 16, 2023

Digital sovereignty revolves around a value-driven, ordered, regulated and secure digital destination for all data, hardware and software, infrastructure components and application operations. Data sovereignty addresses legal, privacy, security and governance concerns associated with the storage, processing and transfer of data.

Cloud 72

Cloud Compliance Data Privacy Privacy 72

Thales Cloud Protection & Licensing

NOVEMBER 30, 2020

Two aspects of this new law that are critical for enterprises doing business in California to understand now are: CPRA’s new definition of “Sensitive Personal Information” (SPI). Social Security number, driver’s license number, etc.), By this definition, much more data is sensitive and needs to be protected.

Privacy 62

Privacy GDPR Compliance Data breaches 62

IT Governance

APRIL 29, 2024

Keyboard app vulnerabilities reveal keystrokes to network eavesdroppers Security researchers have identified critical security vulnerabilities in Cloud-based pinyin keyboard apps from Baidu, Inc., Only 4 definitely haven’t had data breached. Data breached: 4,186,879,104 messages. Organisation(s) Sector Location Data breached?

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

Reltio

MAY 30, 2019

Some of this definitely meant compromising on the quality of things and giving away the opportunity to look at the bigger picture.”. If you are going to create a single version of the truth it needs to be a single version of SECURED truth. This is where modern techniques are really helping.

Analytics 58

Analytics Digital transformation Blockchain Big data 58

erwin

MARCH 28, 2019

The visualization process can aid in an organization’s ability to understand the security risks associated with a particular process. This also extends to industry-specific other compliance mandates such as those in healthcare, pharmaceutical and the financial services industries.

Digital transformation 71

Digital transformation Healthcare Compliance Financial Services 71

Data Matters

DECEMBER 27, 2018

The Business Roundtable is notable in proposing – with support from a spectrum of industry players including from financial services — that current sector-specific regulations should be harmonized with a national privacy law. The Data Care Act and CDT proposals would give the FTC rulemaking to flesh out such mechanisms.

Privacy 68

Privacy Data Privacy Personal data Data breaches 68