Hunton Privacy

APRIL 27, 2017

Earlier this month, the New York State Department of Financial Services (“NYDFS”) recently published FAQs and key dates for its cybersecurity regulation (the “NYDFS Regulation”) for financial institutions that became effective on March 1, 2017. March 1, 2019 – the two year transitional period ends.

Cybersecurity 53

Cybersecurity Compliance Financial Services Insurance 53

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Upcoming certifications.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

Data Matters

MARCH 12, 2019

Of particular note, the Safeguards Rule NPRM proposes to align the FTC’s requirements with those of the New York Department of Financial Services (“NYDFS”), as found in its cybersecurity regulations, and the National Association of Insurance Commissioners (“NAIC”), as found in its insurance data security model law.

Privacy 68

Privacy IT Information Security Insurance 68

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!!

Ransomware 97

Ransomware Encryption Insurance Cloud 97

HL Chronicle of Data Protection

MARCH 14, 2019

The plan must enable FIs to promptly respond to and recover from security events affecting customer information. It must also address the goals of the plan, internal processes for responding to a security event, and documentation and reporting regarding security events and related incident response activities.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

ARMA International

AUGUST 2, 2019

The details of the event are evolving, but Capital One issued a statement of its understanding so far. Though Capital One reports that it encrypts its data as a standard practice, the data was de-encrypted during the breach. See [link]. Overview and Frequently Asked Questions.) and 6 million Canadian individuals.

Cloud 41

Cloud Data breaches Encryption Access 41

DLA Piper Privacy Matters

JULY 30, 2019

Some states – such as Alabama, Massachusetts and New York (for financial services companies) – prescribe particular requirements of a “reasonable” cybersecurity program. At least nine states expressly extend these requirements to service providers. Proof of adequate cyber insurance coverage.

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

DLA Piper Privacy Matters

AUGUST 23, 2021

The PIPL includes a specific obligation on data controllers to adopt corresponding encryption or deidentification technologies, and to adopt access controls and training. Immediate remedial action must be taken in the event of any suspected or actual data disclosure, loss or tampering. This aligns with the new Data Security Law.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

eSecurity Planet

AUGUST 13, 2021

Since the inception of data forensics almost forty years ago, methods for investigating security events have given way to a market of vendors and tools offering digital forensics software (DFS). While Cellebrite offers a range of DFIR tools, the Cellebrite UFED is known as one of the best commercial tools for digital device forensics.

e-Discovery 134

e-Discovery Computer and Electronics Marketing Compliance 134

ForAllSecure

JANUARY 19, 2022

Moffatt: I think tokens are typically what I guess happens once somebody has authenticated so once the authentication event is taking place, and you've identified it, yeah, this is some Simon coming back. So the tokens are very important and they are really sort of an output of the sort of authentication event.

Passwords 52

Passwords Authentication Access Data breaches 52

eSecurity Planet

JANUARY 11, 2022

Deduce offers actionable identity intelligence through event-level telemetry to act against abnormal user activity. GitGuardian is a developer favorite offering a secrets detection solution that scans source code to detect certificates, passwords, API keys, encryption keys, and more. Ubiq Security. Cowbell Cyber.

Cybersecurity 141

Cybersecurity Cloud Compliance Analytics 141