Document, Financial Services and Risk - Information Management Today

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security.

Personal data

Personal data Phishing Risk Financial Services

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

Our framework is informed by our definition of AI governance: AI governance is the application of rules, processes and responsibilities to drive maximum value from your automated data products by ensuring applicable, streamlined and ethical AI practices that mitigate risk, adhere to legal requirements and protect privacy.

Government

Government Risk Financial Services Compliance

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

Likewise, the New York State Department for Financial Services regulations requires relevant entities to have appropriate record retention policies and procedures. For a long time companies have been more focused on the risk of losing data than on retaining too much data. In the U.S.,

Privacy

Privacy Compliance Personal data Risk

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The records retention schedule is the foundational document for a records management program. By doing this, an organization retains necessary business information while saving money and resources by disposing of unnecessary information that would otherwise drive up the cost of storage, data migration, and litigation. 2 DLA Piper.

Personal data

Personal data GDPR Privacy Records Management

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

Likewise, the New York State Department for Financial Services regulations requires relevant entities to have appropriate record retention policies and procedures. For a long time companies have been more focused on the risk of losing data than on retaining too much data. In the U.S.,

Privacy

Privacy Compliance Personal data Risk

Getting ready for artificial general intelligence with examples

IBM Big Data Hub

APRIL 18, 2024

According to Andreessen Horowitz (link resides outside IBM.com ) , in 2023, the average spend on foundation model application programming interfaces (APIs), self-hosting and fine-tuning models across surveyed companies reached USD 7 million. The AGI analyzes the data and identifies a rare genetic mutation linked to a specific disease.

Artificial Intelligence

Artificial Intelligence Marketing e-Delivery Manufacturing

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

The most common way for criminals to infect an organization is by sending an email with a malicious link or attachment that an employee clicks on unwittingly to initiate an attack. Below we outline 18 industry tips for actions you can take to reduce your risk of a ransomware attack: Action. How ransomware works. Description.

Ransomware

Ransomware Encryption Insurance Cloud

Discovery of New Internet of Things (IoT) Based Malware Could Put a New Spin on DDoS Attacks

Data Protection Report

NOVEMBER 3, 2017

Vulnerable devices include various routers made by leading manufacturers, such as D-Link, Netgear, and Linksys, in addition to the types IoT devices used by Mirai. Documenting Security and Preventative Measures. Negotiating/Reviewing Contractual Liability. DDoS Mitigation.

IoT

IoT Communications Risk Passwords

Regulatory Update: NAIC Summer 2019 National Meeting

Data Matters

SEPTEMBER 4, 2019

Similarly, the ASWG is considering whether, in the context of the SAT, “best interest” should be defined by reference to the following obligations: a disclosure obligation, a care obligation, a conflict of interest obligation, a documentation obligation and a supervision system/compliance obligation.

Insurance

Insurance Paper Risk Analytics

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

So um, yeah, is up sometimes risk of falling into a black hole of, of doom, know that there's a lack of ownership. And they trust this, these pieces of information somehow, this automagic link between this list of fields and a physical person sort of automatically happens. It's documented. What is identity?

Passwords

Passwords Authentication Access Data breaches

Change Management: Enterprise Architecture for Managing Change

erwin

FEBRUARY 27, 2020

Even industries historically resistant to it, such as financial services and healthcare, are now transforming proactively and at a rapid rate. Such disconnects result in redundant technology and processes, inefficient use of resources, and/or missed opportunities. Why Is Change Management Important?

Digital transformation

Digital transformation Financial Services Analytics Education

Business Process Modeling Use Cases and Definition

erwin

MARCH 28, 2019

According to Gartner , BPM links business strategy to IT systems development to ensure business value. The visualization process can aid in an organization’s ability to understand the security risks associated with a particular process. A visual representation of what your business does and how it does it. Knowledge retention.

Digital transformation

Digital transformation Healthcare Compliance Financial Services

How Your Company Can Prevent a Cyberattack

Adam Levin

AUGUST 21, 2019

Among other things, this slowness means fewer clicked links in phishing emails. All of the above is fine and good, but I think principles–creating a culture of cyber awareness–is generally more effective, which is why I favor cyber training that is aimed at minimizing, monitoring, and managing cyber risk. Attacks happen.

Phishing

Phishing Cybersecurity Passwords Financial Services

Information Management Today

$8 million penalty to NYDFS – and another case of over-retention

Multinational ICICI Bank leaks passports and credit card numbers

Webinars

Trending Sources

AI Governance: Why our tested framework is essential in an AI world

Webinars

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

The Impact of Data Protection Laws on Your Records Retention Schedule

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Getting ready for artificial general intelligence with examples

Ransomware Protection in 2021

Discovery of New Internet of Things (IoT) Based Malware Could Put a New Spin on DDoS Attacks

Regulatory Update: NAIC Summer 2019 National Meeting

The Hacker Mind Podcast: Going Passwordless

Change Management: Enterprise Architecture for Managing Change

Business Process Modeling Use Cases and Definition

How Your Company Can Prevent a Cyberattack

Stay Connected