Document, Events and Financial Services - Information Management Today

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. This notice requirement explicitly applies to cybersecurity incidents occurring to the covered entity itself, its affiliates, or a third-party service provider.

Financial Services

Financial Services Cybersecurity Compliance Government

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Last Watchdog

FEBRUARY 11, 2024

Related: The case for augmented reality training Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate , especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams. The list goes on.

Risk

Risk IT Financial Services Cybersecurity

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Navigating the landscape of digital accessibility

OpenText Information Management

NOVEMBER 29, 2023

How individuals engage with businesses, their evolving expectations, their demand for quicker responses, and recent global events, such as the COVID-19 pandemic, have compelled organizations to re-evaluate how they serve their customers.

Access

Access Financial Services Customer Experience Communications

Vermont Enacts Insurance Data Security Law

Hunton Privacy

JUNE 9, 2022

Unlike other state laws based on MDL-668, however, the Vermont Insurance Data Security Law declines to establish separate cybersecurity event notification requirements for licensees. Cybersecurity Event Investigation and Notification Requirements. Licensees must maintain records about these cybersecurity events for at least five years.

Insurance

Insurance Security Information Security Cybersecurity

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. The regulation requires that a licensee report a cybersecurity event to NYDFS within 72 hours of its determination of the event. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

The reader who shared this story (and copious documentation to go with it) asked to have his real name omitted to avoid encouraging further attacks against his identity. ” According to the Native American Financial Services Association (NAFSA), a trade group in Washington, D.C. So we’ll just call him “Jim.”

Financial Services

Financial Services IT Data breaches Authentication

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

Hunton Privacy

JULY 12, 2021

On June 30, 2021, the New York State Department of Financial Services (“NYDFS,” the “Department”) issued guidance to all New York state regulated entities on ransomware (the “Guidance”), identifying controls it expects regulated companies to implement whenever possible.

Ransomware

Ransomware Security Financial Services Cybersecurity

Capture & IDP Conference 2023 Highlights

Info Source

SEPTEMBER 14, 2023

Since last year’s conference the release of Generative AI into the mainstream, as well as its application in Capture & Intelligent Document Processing applications, has been on the top of everyone’s mind. Our theme this year was “Unlocking the Power of AI to Drive Process Automation,” and we certainly unlocked some lively discussion.

Marketing

Marketing CMS Financial Services Cloud

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Data Matters

DECEMBER 4, 2019

Cryptoassets are not documents of title, documentary intangibles or negotiable instruments, nor are they instruments under the UK Bills of Exchange Act nor goods under the UK Sale of Goods Act. The conclusions in the Legal Statement are useful to financial services firms and to those developing new applications for financial services.

Blockchain

Blockchain Financial Services Healthcare Marketing

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Data Matters

DECEMBER 4, 2019

Cryptoassets are not documents of title, documentary intangibles or negotiable instruments, nor are they instruments under the UK Bills of Exchange Act nor goods under the UK Sale of Goods Act. The conclusions in the Legal Statement are useful to financial services firms and to those developing new applications for financial services.

Blockchain

Blockchain Financial Services Healthcare Marketing

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

Perhaps even more concerning to EU lawmakers is how dependent society at large is on banking and other financial services. In turn, financial institutions heavily depend on ICT to be able to provide those services to begin with. That really shouldn’t surprise us – these are lucrative targets for cyber criminals.

Risk

Risk Data breaches Authentication Financial Services

ABBYY Intelligent Capture Connector Is Now Available on the UiPath Go! RPA App Store

Info Source

NOVEMBER 8, 2018

Additionally, ABBYY was selected by UiPath as the Best Technology Partner at its #UiPathForward Americas partner event on October 3rd. We were happy to recognize ABBYY with the 2018 Technology Partner Innovator Award at our annual #UiPathForward event. The goal of UiPath Go!

Digital transformation

Digital transformation Marketing Financial Services Manufacturing

Marriott Breach: More than 500 Million Guest Affected

Adam Levin

NOVEMBER 30, 2018

If you prefer a more laid back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or subscribe to a credit and identity monitoring program, 3. Monitor your accounts. Check your credit report every day, keep track of your credit score, review major accounts daily if possible.

Financial Services

Financial Services Encryption Passwords Communications

How to Prevent Data Breaches: Data Breach Prevention Tips

eSecurity Planet

AUGUST 22, 2023

Jump ahead to: Prioritize Data Protection Document Your Response Process Make Users Part of the Process Understand Business Context Be Thorough Proactively Collect and Organize Data Don’t Forget Network Analysis Train and Drill Enlist Outside Help Go on the Offensive 1. Make sure you document: Which steps happen in a specific order.

Data breaches

Data breaches Big data Cybersecurity Security

Kodak Alaris Announces Global Alliance with RPA Software Leader UiPath

Info Source

AUGUST 21, 2020

The alliance between UiPath and Kodak Alaris will generate new business opportunities for system integrators and software vendors, helping them expand RPA projects and deliver intelligent scanning and information capture solutions to customers in sectors including Government, Financial Services, Logistic and Healthcare.

Information capture

Information capture Digital transformation Paper Artificial Intelligence

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Data Matters

FEBRUARY 25, 2021

The FCA is proposing amendments to: the UK onshored versions of EU technical standards on strong customer authentication (SCA) and common and secure methods of communication (UK SCA-RTS); its Approach Document on Payment Services and Electronic Money (Approach Document); and. its Perimeter Guidance Manual (PERG). Safeguarding.

Authentication

Authentication Paper Risk Insurance

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

Data Matters

NOVEMBER 2, 2021

For institutional investors that trade futures using a futures customer agreement with a registered futures commission merchant, or FCM, this offering can be an appealing way to access digital assets markets because it uses a familiar product and documentation. Traditional OTC Derivatives.

Blockchain

Blockchain Marketing Access Risk

Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs

Hunton Privacy

AUGUST 15, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) posted proposed amendments (“Proposed Amendments”) to its Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulations”). As part of the “training and monitoring” requirements under Section 500.14 Additional Requirements.

Financial Services

Financial Services Cybersecurity Risk Passwords

The compliance challenges of hybrid working

IT Governance

AUGUST 26, 2021

For example, financial services firms may be worried about employees breaching insider trading laws. Indeed, if you have a lawful reason to monitor employees and you document that reason, you are justified to keep an eye on their activities.

Compliance

Compliance Data breaches Privacy Risk

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance

Insurance Cybersecurity Data breaches Financial Services

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The records retention schedule is the foundational document for a records management program. Certain sectors, such as banking, financial services, health, and insurance have their own data protection and privacy requirements. 3 Personal Information Protection and Electronic Documents Act (PIPEDA). 2 DLA Piper.

Personal data

Personal data GDPR Privacy Records Management

FinCEN Issues Notice on Reporting COVID-19 Criminal and Suspicious Activities, Companion Advisory on COVID-19-Related Medical Scams

Data Matters

MAY 21, 2020

Where a financial institution has made disclaimers or set forth its challenges in past SAR filings, FinCEN is not requiring the financial institution to correct those reports. Providing Supporting Documentation to Law Enforcement and FinCEN Timely When Requested. Price gouging and hoarding of medical-related items.

e-Discovery

e-Discovery Government Cybersecurity Financial Services

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

HL Chronicle of Data Protection

MARCH 14, 2019

The plan must enable FIs to promptly respond to and recover from security events affecting customer information. It must also address the goals of the plan, internal processes for responding to a security event, and documentation and reporting regarding security events and related incident response activities.

Privacy

Privacy Risk Cybersecurity Information Security

Getting ready for artificial general intelligence with examples

IBM Big Data Hub

APRIL 18, 2024

Here are some areas where organizations are seeing a ROI: Text (83%) : Gen AI assists with automating tasks like report writing, document summarization and marketing copy generation. Financial services AGI might revolutionize financial analysis by going beyond traditional methods.

Artificial Intelligence

Artificial Intelligence Marketing e-Delivery Manufacturing

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

Attackers can fool even sophisticated users into clicking on an invoice they are expecting, or a photograph that is ostensibly from someone they know, or a document that appears to have come from their boss. In the event of a successful breach, your team must be ready to restore systems and data recovery. Block Executables.

Ransomware

Ransomware Encryption Insurance Cloud

Capital Markets, AI, and the need for governance

Collibra

OCTOBER 31, 2023

With business and technology leaders from around the globe exploring how data fuels the industry, and presentations on everything related to accelerating financial data pipelines and delivering data in the cloud, the event offered executive thought leadership on emerging technologies. Already using AI?

Marketing

Marketing Government Financial Services Artificial Intelligence

Discovery of New Internet of Things (IoT) Based Malware Could Put a New Spin on DDoS Attacks

Data Protection Report

NOVEMBER 3, 2017

Slightly over one year ago, several major distributed denial-of-service (“DDoS”) attacks took place, including a major event affecting the domain name service provider Dyn , which caused outages and slowness for a number of popular sites, including Amazon, Netflix, Reddit, SoundCloud, Spotify, and Twitter.

IoT

IoT Communications Risk Passwords

Cybersecurity: Managing Risks With Third Party Companies

Cyber Info Veritas

JULY 19, 2018

This is according to a recent survey conducted by Soha Systems, and according to one of the speeches delivered by the Superintendent of the New York State Department of Financial Services, Mr. Benjamin Lawsky, “ A company’s cybersecurity is only as strong as the cybersecurity of its third-party vendors ”.

Risk

Risk Cybersecurity Compliance Data breaches

Free Remote-Work App: Remote Work Made Easy with erwin WFH Impact Manager

erwin

OCTOBER 1, 2020

The global pandemic is the single most disruptive event in modern times. In highly regulated environments, such as financial services, healthcare and pharma, attestations, audit trails and compliance reporting are required regardless of circumstances and will be difficult with a manual, laborious approach.

Compliance

Compliance Sales Communications Financial Services

NYDFS proposes significant cybersecurity regulation amendments

Data Protection Report

AUGUST 11, 2022

On July 29, 2022, the New York Department of Financial Services (NYDFS) announced a “pre-proposed outreach” of material proposed changes to almost every section of its cybersecurity regulations, and would affect each entity covered by the current regulations of 23 NYCRR Part 500. 500.16). . Asset inventories and Access Controls.

Cybersecurity

Cybersecurity Risk Passwords Compliance

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

In a lengthy post on April 4, 2013 titled “I DON’T UNDERSTAND ANYTHING,” Ika told Pustota forum members he was so spooked by recent events that he was closing the forum and quitting the cybercrime business entirely. “It’s no secret that karma farted in my direction,” Ika said at the beginning of his post.

Computer and Electronics

Computer and Electronics Marketing Sales Healthcare

3 key reasons why your organization needs Responsible AI

IBM Big Data Hub

FEBRUARY 8, 2023

Organizations in highly regulated markets such as healthcare, government and financial services have additional challenges in meeting industry regulations around data and models. Documented, explainable model facts are necessary when defending analytic decisions. The average cost of compliance came in at $5.47 million. “The

Artificial Intelligence

Artificial Intelligence Compliance Analytics Government

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

BianLian claims to have exfiltrated 5 TB of data, comprising millions of sensitive documents. Compromised information includes patients’ personal data, health and medical records, financial data, internal emails and software source code. Akumin Inc. has suffered a second attack, this time by the BianLian ransomware group.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

And I think that probably the one which most people resonate with is this physical document, which again, has some attributes and fields, some pieces of information in there, which somehow represents this physical person to somebody else. It's documented. We use this physical thing to represent ourselves to the border control guide.

Passwords

Passwords Authentication Access Data breaches

Reveille Expands from APM to Broader Analytics

Info Source

FEBRUARY 14, 2018

Insight is the data we are able to pull, while ‘active’ means that users are able to react to events,” said Allen. For example, if a financial services organization has deployed a loan origination application, we can tell how often its loan officers are using it and how long they are on it for.

Analytics

Analytics ECM Marketing Cloud

OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials

Hunton Privacy

JUNE 12, 2017

Department of Health and Human Services’ Office for Civil Rights (“OCR”) and the Health Care Industry Cybersecurity Task Force (the “Task Force”) have published important materials addressing cybersecurity in the health care industry. lists key steps that an organization must undertake in the event of a cyber attack. What do we do now?,”

Cybersecurity

Cybersecurity Computer and Electronics Education Financial Services

What Real Users Love About Their Payroll Department Tools

IGI

JANUARY 5, 2018

ADP has helped us go paperless, houses our HR-related documents for easy access by our team and allows us to keep everything together in one location. APS offers specific industry solutions including education, financial services, healthcare, hospitality, nonprofits, restaurants, technology services and more.

Computer and Electronics

Computer and Electronics Compliance Financial Services Analytics

Ephesoft Launches Context Driven Productivity at Enterprise Productivity Summit

Info Source

FEBRUARY 11, 2020

After 10 years of innovating the document capture space with machine learning and AI technology, we know that truly successful digital transformation projects require a complete set of organizational data, including the dark data hidden in unstructured content,” said Ike Kavas, founder and CEO of Ephesoft.

Digital transformation

Digital transformation Artificial Intelligence Mining Financial Services

USAID Email Phishing Campaign Shows Supply Chain Threats Continue

eSecurity Planet

JUNE 1, 2021

” Lookout data indicates that about 15 percent of financial services employees encountered a mobile phishing attempt each quarter in 2020. Other issues can include large sporting events like the Olympics and political events like elections. … Attacks are more difficult to spot on mobile.

Phishing

Phishing Cybersecurity Government Authentication

The Hacker Mind: MITRE ATT&CK Evaluations

ForAllSecure

MAY 4, 2021

In a moment we'll hear about a cool new framework that MITRE developed it attempts to map potential threats by looking at past events and catalogs, all known tactics and techniques used by criminal hackers. Vamosi: ATT&CK also allows you to move to the next level to get ahead of the adversary ATT & CK based on past events.

Government

Government IT Access Analytics

The Hacker Mind: MITRE ATT&CK Evaluations

ForAllSecure

MAY 4, 2021

In a moment we'll hear about a cool new framework that MITRE developed it attempts to map potential threats by looking at past events and catalogs, all known tactics and techniques used by criminal hackers. Vamosi: ATT&CK also allows you to move to the next level to get ahead of the adversary ATT & CK based on past events.

Government

Government IT Access Analytics

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

Trending Sources

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Navigating the landscape of digital accessibility

Vermont Enacts Insurance Data Security Law

NYDFS settles cybersecurity regulation matter for $3 million

Scary Fraud Ensues When ID Theft & Usury Collide

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

Capture & IDP Conference 2023 Highlights

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Risk Management under the DORA Regulation

ABBYY Intelligent Capture Connector Is Now Available on the UiPath Go! RPA App Store

Marriott Breach: More than 500 Million Guest Affected

How to Prevent Data Breaches: Data Breach Prevention Tips

Kodak Alaris Announces Global Alliance with RPA Software Leader UiPath

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Institutional Investor’s Introduction to Blockchain and Digital Asset Investing

Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs

The compliance challenges of hybrid working

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

The Impact of Data Protection Laws on Your Records Retention Schedule

FinCEN Issues Notice on Reporting COVID-19 Criminal and Suspicious Activities, Companion Advisory on COVID-19-Related Medical Scams

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

Getting ready for artificial general intelligence with examples

Ransomware Protection in 2021

Capital Markets, AI, and the need for governance

Discovery of New Internet of Things (IoT) Based Malware Could Put a New Spin on DDoS Attacks

Cybersecurity: Managing Risks With Third Party Companies

Free Remote-Work App: Remote Work Made Easy with erwin WFH Impact Manager

NYDFS proposes significant cybersecurity regulation amendments

Ten Years Later, New Clues in the Target Breach

3 key reasons why your organization needs Responsible AI

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

The Hacker Mind Podcast: Going Passwordless

Reveille Expands from APM to Broader Analytics

OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials

What Real Users Love About Their Payroll Department Tools

Ephesoft Launches Context Driven Productivity at Enterprise Productivity Summit

USAID Email Phishing Campaign Shows Supply Chain Threats Continue

The Hacker Mind: MITRE ATT&CK Evaluations

The Hacker Mind: MITRE ATT&CK Evaluations

Stay Connected