Document, Financial Services and Risk - Information Management Today

Toyota Financial Services discloses a data breach

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services

Financial Services Data breaches Ransomware Insurance

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. ” reads a statement published by the company.

Financial Services

Financial Services Ransomware Data breaches Insurance

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

IBM Big Data Hub

APRIL 4, 2024

The cloud represents a strategic tool to enable digital transformation for financial institutions As the banking and other regulated industry continues to shift toward a digital-first approach, financial entities are eager to use the benefits of digital disruption. Most of these new technologies are born-in-cloud.

Financial Services

Financial Services Cloud Compliance Digital transformation

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. IDP Trends in the Financial and Insurance Industries. Challenges to Effective IDP.

Financial Services

Financial Services Insurance Digital transformation Paper

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Last Watchdog

FEBRUARY 11, 2024

Related: The case for augmented reality training Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate , especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams. The list goes on.

Risk

Risk IT Financial Services Cybersecurity

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. Class A companies are specifically required to: – conduct independent audits of their cybersecurity program based on their risk assessment (500.2(c));

Financial Services

Financial Services Cybersecurity Compliance Government

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

Risk management is a concept that has been around as long as companies have had assets to protect. Risk management also extends to physical devices, such as doors and locks to protect homes and vehicles, vaults to protect money and precious jewels, and police, fire, and CCTV to protect against other physical risks.

Risk

Risk Cybersecurity Encryption Access

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

Perhaps even more concerning to EU lawmakers is how dependent society at large is on banking and other financial services. In turn, financial institutions heavily depend on ICT to be able to provide those services to begin with. That really shouldn’t surprise us – these are lucrative targets for cyber criminals.

Risk

Risk Data breaches Authentication Financial Services

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

eSecurity Planet

FEBRUARY 26, 2024

3 Common Types of Cross-Site Scripting Attacks Top 5 Risks Associated with XSS Attacks How to Tell if You’re Vulnerable to XSS Attacks Can You Prevent Cross-Site Scripting? If your web application falls victim to an XSS attack, it could be a stored, reflected, or document-object-model (DOM)-based attack.

Risk

Risk Financial Services Security Libraries

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. First American Financial Corp.

Insurance

Insurance Risk Financial Services Mining

Choosing to Store, Scan, or Shred Your Documents: A Comprehensive Guide

Armstrong Archives

DECEMBER 18, 2023

This reality has made data security increasingly important, requiring a sea change in the way companies handle their documents. We have decades of experience in the safe storage, scanning, and shredding of our clients’ important documents. What paperwork do I need to keep: How do you know which documents to keep or shred?

Archiving

Archiving Paper Records Management Compliance

Corporate Finance firms leak 500K+ legal and financial documents online

Security Affairs

MARCH 17, 2020

Security experts from vpnMentor have discovered two corporate finance companies that leak half a million legal and financial documents online. vpnMentor experts uncovered a database exposed online on Amazon Web Services (AWS) that is leaking a huge amount of sensitive legal and financial documents.

Financial Services

Financial Services Access Privacy Security

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

The Last Watchdog

JULY 11, 2023

By using real-time antivirus scanning to detect and neutralize security risks as they enter the trading system, threats can be quickly identified and eliminated. This includes scanning all materials, such as investor onboarding documents and communication. Implement a multi-layered approach to protect against potential threats.

IT

IT Encryption Risk Financial Services

New York State imposes a $1.5 million penalty in cybersecurity breach case

Data Protection Report

MARCH 1, 2021

On March 3, 2021, the New York Department of Financial Services (NYDFS) announced a Consent Order with a NYDFS-licensed Maine-based mortgage banker and loan servicer settling alleged violations of the NYDFS cybersecurity regulations. ( In the matter of Residential Mortgage Services, Inc., March 3, 2021).

Cybersecurity

Cybersecurity Financial Services Risk IT

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

FCA sets out plans to make Big Tech a priority and provides update on its approach to AI

Data Protection Report

APRIL 23, 2024

He noted that whilst the growing emergence of Big Tech in financial services has already made life easier for consumers, it remains unclear how valuable their data will become in financial markets. The FCA also sets out its next steps.

Financial Services

Financial Services IT Marketing Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Audit management.

Compliance

Compliance Risk Government Retail

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action

Thales Cloud Protection & Licensing

MARCH 6, 2024

Nearly one-third (28%) of all DDoS attacks on APIs focus on financial services organizations, the most targeted industry for this type of attack. Shadow APIs Fuel Data Leakage Undiscovered or poorly documented APIs increase the attack surface. Identify and protect sensitive and high-risk APIs.

Security

Security Authentication Risk Cybersecurity

Latitude Data breach is worse than initially estimated. 14 million individuals impacted

Security Affairs

MARCH 28, 2023

Australian loan giant Latitude Financial Services (Latitude) revealed that a data breach its has suffered impacted 14 million customers. The data breach suffered by Latitude Financial Services (Latitude) is much more serious than initially estimated. ” said Latitude Financial CEO Ahmed Fahour.

Data breaches

Data breaches Financial Services Passwords Risk

The Clock is Ticking for PCI DSS 4.0 Compliance

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

According to the 2022 Thales Data Threat Report – Financial Services Edition , 52% of U.S. financial services organizations report that they have experienced a data breach in the past. The new version includes many updates, which you can read in the Summary of Changes document. million, second only to healthcare.

Compliance

Compliance Financial Services Data breaches Encryption

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing.

Insurance

Insurance Artificial Intelligence Risk Compliance

Recycle Your Phone, Sure, But Maybe Not Your Number

Krebs on Security

MAY 19, 2021

Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over one thanks to a divorce, job termination or financial crisis can be devastating.

Authentication

Authentication Passwords Financial Services Risk

6 benefits of data lineage for financial services

IBM Big Data Hub

FEBRUARY 26, 2024

The financial services industry has been in the process of modernizing its data governance for more than a decade. How can banks, credit unions, and financial advisors keep up with demanding regulations while battling restricted budgets and higher employee turnover? The Basel Committee released BCBS 239 as far back as 2013.

Financial Services

Financial Services Cloud Metadata Digital transformation

U.S. Office of the Comptroller of the Currency Updates Third-Party Relationships Risk Management Guidance

Data Matters

MARCH 23, 2020

On March 5, 2020, the Office of the Comptroller of the Currency (OCC) issued an updated set of answers to frequently asked questions (FAQs) 1 regarding risk management in national bank relationships with third parties to further supplement its 2013 guidance, OCC Bulletin 2013-29 (the Bulletin), 2 and its 2017 FAQs (Prior FAQs) on the topic.

Risk

Risk Cloud Compliance Marketing

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. If malicious actors accessed the exposed data, the company could have faced devastating consequences and put their clients at risk, as financial services are the main target for cybercriminals.

Personal data

Personal data Phishing Risk Financial Services

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

Hunton Privacy

JULY 12, 2021

On June 30, 2021, the New York State Department of Financial Services (“NYDFS,” the “Department”) issued guidance to all New York state regulated entities on ransomware (the “Guidance”), identifying controls it expects regulated companies to implement whenever possible.

Ransomware

Ransomware Security Financial Services Cybersecurity

AI Governance: Break open the black box

IBM Big Data Hub

OCTOBER 4, 2022

Today, AI presents an enormous opportunity to turn data into insights and actions, to amplify human capabilities, decrease risk and increase ROI by achieving break through innovations. Manual processes that introduce risk and make it hard to scale. Challenges around managing risk. It is an imperative.

Government

Government Artificial Intelligence Metadata Data science

OCR Labs exposes its systems, jeopardizing major banking clients

Security Affairs

APRIL 6, 2023

A digital identification tool provided by OCR Labs to major banks and government agencies leaked sensitive credentials, putting clients at severe risk. Its services are used by companies and financial institutions including BMW, Vodafone, the Australian government, Westpac, ANZ, HSBC, and Virgin Money.

IT

IT Financial Services Access Risk

NYDFS Files First Cybersecurity Enforcement Action

Hunton Privacy

JULY 24, 2020

On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. under the NYDFS Cybersecurity Regulation , marking the agency’s first enforcement action since the rules went into effect in March 2017. NYCRR 500.14(b):

Cybersecurity

Cybersecurity Risk Financial Services Insurance

Vermont Enacts Insurance Data Security Law

Hunton Privacy

JUNE 9, 2022

Licensees must conduct a risk assessment to create a WISP “commensurate with the size and complexity of the licensee, the nature and scope of the licensee’s activities, including its use of third-party service providers, and the sensitivity of the nonpublic information.” Enforcement and Penalties Under the Law.

Insurance

Insurance Security Information Security Cybersecurity

Automated governance and trustworthy AI

IBM Big Data Hub

JUNE 7, 2022

As part of their AI adoption, enterprises should define and adopt safety standards to manage their regulatory, financial, operational, technology and brand risks. As an example, a large financial services firm could easily deploy hundreds or thousands of AI models to assist decision makers in various tasks.

Government

Government Financial Services Compliance Cloud

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. enable companies to identify cybersecurity risks and incidents. evaluate the significance associated with such risks and incidents.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. A threat actor gained access to an employee’s document management system account. NYDFS Cybersecurity Regulation. The second incident occurred in March of 2019.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

Our framework is informed by our definition of AI governance: AI governance is the application of rules, processes and responsibilities to drive maximum value from your automated data products by ensuring applicable, streamlined and ethical AI practices that mitigate risk, adhere to legal requirements and protect privacy.

Government

Government Risk Financial Services Compliance

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

Likewise, the New York State Department for Financial Services regulations requires relevant entities to have appropriate record retention policies and procedures. For a long time companies have been more focused on the risk of losing data than on retaining too much data. In the U.S.,

Privacy

Privacy Compliance Personal data Risk

Shinydocs receives $16.25 million in financing to help organizations generate business value from unstructured data

Info Source

APRIL 4, 2023

Shinydocs has enabled leading organizations within the oil and gas/utilities, government, and financial services verticals to make more accurate, data-driven decisions whilst significantly reducing time searching for files and improving the overall customer and employee experiences.

Unstructured data

Unstructured data Customer Experience Marketing Financial Services

Cybersecurity: Managing Risks With Third Party Companies

Cyber Info Veritas

JULY 19, 2018

This is according to a recent survey conducted by Soha Systems, and according to one of the speeches delivered by the Superintendent of the New York State Department of Financial Services, Mr. Benjamin Lawsky, “ A company’s cybersecurity is only as strong as the cybersecurity of its third-party vendors ”.

Risk

Risk Cybersecurity Compliance Data breaches

Impact of IDP on Business Growth – Customer Onboarding Use Case

Info Source

JULY 6, 2023

By Petra Beck, Senior Analyst Capture Software We are often faced with questions like: How do we justify an investment in a Capture or Intelligent Document Processing (IDP) solution? These inputs arrive through different channels in different formats, a significant portion often as paper documents. as quickly as possible.

Customer Experience

Customer Experience Communications Financial Services Insurance

How AI is helping companies meet sustainability goals

IBM Big Data Hub

JULY 26, 2023

AI solutions work by collecting asset performance data and feeding it into machine learning models, which can predict asset health and risk of failure. The first among these is using intelligent document understanding to process sustainability information. Some companies are already working on them.

Energy and Utilities

Energy and Utilities Agriculture Manufacturing Risk

NYDFS settles cybersecurity regulation matter for $1.8 million

Data Protection Report

JUNE 2, 2021

On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 In addition, the companies agreed to continue to strengthen their controls, including delivering the following documentation within 120 days to NYDFS: Comprehensive written cybersecurity incident response plan; and.

Cybersecurity

Cybersecurity Insurance Financial Services Phishing

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

Significantly, the Cybersecurity Guidance formally states the DOL’s position that cybersecurity is a matter of fiduciary responsibility under ERISA, stating that ERISA requires plan fiduciaries to take appropriate precautions to mitigate cybersecurity risks. Obligations of Service Providers Responsible for Plan-Related IT Systems and Data.

Cybersecurity

Cybersecurity Insurance Risk Compliance

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

“Many of the ID documents we have on file have expired, but if you believe you provided to HMR IDs that are still valid, report these documents as being compromised to the organisation that issued them.” “Consider contacting CIFAS (the UK’s Fraud Prevention Service) to apply for protective registration. .

Ransomware

Ransomware Data breaches Encryption Financial Services

Toyota Financial Services discloses a data breach

Medusa ransomware gang claims the hack of Toyota Financial Services

Webinars

Trending Sources

Accelerate hybrid cloud transformation through IBM Cloud for Financial Service Validation Program

Webinars

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

What is Cybersecurity Risk Management?

Risk Management under the DORA Regulation

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

First American Financial Pays Farcical $500K Fine

Choosing to Store, Scan, or Shred Your Documents: A Comprehensive Guide

Corporate Finance firms leak 500K+ legal and financial documents online

$8 million penalty to NYDFS – and another case of over-retention

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

New York State imposes a $1.5 million penalty in cybersecurity breach case

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

FCA sets out plans to make Big Tech a priority and provides update on its approach to AI

Top 10 Governance, Risk and Compliance (GRC) Vendors

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action

Latitude Data breach is worse than initially estimated. 14 million individuals impacted

The Clock is Ticking for PCI DSS 4.0 Compliance

NYDFS issues significant guidance on insurers using AI or external data

Recycle Your Phone, Sure, But Maybe Not Your Number

6 benefits of data lineage for financial services

U.S. Office of the Comptroller of the Currency Updates Third-Party Relationships Risk Management Guidance

Multinational ICICI Bank leaks passports and credit card numbers

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

AI Governance: Break open the black box

OCR Labs exposes its systems, jeopardizing major banking clients

NYDFS Files First Cybersecurity Enforcement Action

Vermont Enacts Insurance Data Security Law

Automated governance and trustworthy AI

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

NYDFS settles cybersecurity regulation matter for $3 million

AI Governance: Why our tested framework is essential in an AI world

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Shinydocs receives $16.25 million in financing to help organizations generate business value from unstructured data

Cybersecurity: Managing Risks With Third Party Companies

Impact of IDP on Business Growth – Customer Onboarding Use Case

How AI is helping companies meet sustainability goals

NYDFS settles cybersecurity regulation matter for $1.8 million

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Maze ransomware gang discloses data from drug testing firm HMR

Stay Connected