Financial Services, Government and Personal data

UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge

Hunton Privacy

DECEMBER 19, 2022

On December 15, 2022, the UK government and the Dubai International Financial Centre Authority (“DIFC”) issued a joint statement on the shared commitment to deepening the UK-DIFC data partnership. the pursuit of a closer UK-DIFC partnership on data flows as a way of realizing untapped economic growth.”.

Government

Government Financial Services Personal data Security

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

As we speed into a new AI era, there’s a critical element that’s often missing when organizations rush forward in hyper-competitive markets to build scalable, trusted AI programs — and that’s AI governance. An AI governance framework offers a blueprint for how to create successful AI products.

Government

Government Risk Financial Services Compliance

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

SEPTEMBER 28, 2021

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. On legitimate interests, the Government proposes disapplying the legitimate interest balancing test for certain activities. The deadline for responding to the consultation is 19 November 2021.

Government

Government FOIA GDPR Compliance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. This would change the economics of consumer finance and the illicit data economy that exists today.

Financial Services

Financial Services Privacy Personal data Marketing

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. First , all of the reports specifically focus on the threat of Russian state-sponsored cyberattacks.

Cybersecurity

Cybersecurity Financial Services Authentication Government

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

EvilProxy phishing campaign targets Microsoft 365 accounts via indeed.com A phishing campaign identified by Menlo Security has been targeting senior executives in various industries – most notably banking and financial services, property management and real estate, and manufacturing – since July. Can you spot a phishing scam?

Phishing

Phishing Financial Services Manufacturing Personal data

Navigating the EU-US Data Protection Framework

Thales Cloud Protection & Licensing

JANUARY 10, 2024

That decision of adequacy provides in substance that there is an adequate level of protection—comparable to that in the EU—for personal data transferred from the EU to US companies that are participating in the DPF. However, European organizations need to dive with eyes wide open when transferring personal data to the US under the DPF.

Data Privacy

Data Privacy Personal data Privacy Cloud

Improve your data relationships with third parties

Collibra

FEBRUARY 11, 2020

Seizing an opportunity to improve data relationships with third parties. Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. Exploring third party data relationship risk.

Financial Services

Financial Services Digital transformation Personal data Compliance

Singapore Parliament Passes Personal Data Protection Act

Hunton Privacy

OCTOBER 17, 2012

On October 15, 2012, the Singapore Parliament passed the Personal Data Protection Act 2012. The new law will apply only to data processing in the private sector as data processing by public agencies (or organizations acting on behalf of public agencies) are already subject to internal government rules.

Personal data

Personal data Financial Services Data Privacy Data breaches

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured. million files belonging to ICICI Bank.

Personal data

Personal data Phishing Risk Financial Services

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data

Personal data GDPR Privacy Records Management

Ireland: Large-scale inquiries progress as DPC budget and staff numbers ramp up

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Primary areas of focus for the DPC in 2021 included the safeguarding of children’s data protection rights, progressing ongoing large-scale inquires and prioritising responding to complaints which have raised issues of substance, with a data subject centric approach to resolution. Ongoing Inquiries & Data Transfer Enforcement.

Financial Services

Financial Services Data breaches Personal data Compliance

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real estate company, Deutsche Wohnen SE, relating to the excessive retention of personal data. How do you build an effective information governance program?

Privacy

Privacy Compliance Personal data Risk

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

The data included shoppers’ names, email addresses, phone numbers, countries of residence and membership numbers. The post The Week in Cyber Security and Data Privacy: 6 – 12 November 2023 appeared first on IT Governance UK Blog. The information mostly related to court proceedings.

Data Privacy

Data Privacy Privacy Security Data breaches

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security

Security Data breaches Ransomware Artificial Intelligence

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

DLA Piper Privacy Matters

APRIL 20, 2021

This introduces a data lifecycle security framework, and represents the key guideline for handling personal and other financial information by financial institutions (i.e. similar to the PIS Specification, but focused on the banking and financial services industry). Level 1: public data.

Compliance

Compliance Security Financial Services Data collection

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

So, you are carrying out profiling if you collect and analyse personal data using algorithms or AI, make associations between habits and characteristics based on that data, and predict individuals’ behaviour based on the demographic or profile that you’ve assigned them. appeared first on IT Governance Blog.

GDPR

GDPR Personal data Financial Services Compliance

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. The Order alleges that this vulnerability exposed over 800 million images dating back to 2003, including sensitive personal data, such as Social Security numbers and financial information.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

Indonesia Publishes Proposed Data Protection Rule

Hunton Privacy

JULY 17, 2015

On July 14, 2015, pursuant to an implementation requirement of Government Regulation 82 of 2012, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems (“Proposed Regulation”). 82 of 2012.

Personal data

Personal data Archiving Financial Services Communications

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

The GDPR provision that may keep IT security teams busiest is Article 32, which requires “a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing” of personal data. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Capital Markets, AI, and the need for governance

Collibra

OCTOBER 31, 2023

With every financial services organization focused on making better and faster decisions, data professional and business leaders are eager to better understand how AI can facilitate their strategic goals. Not surprisingly, everyone was talking about Artificial Intelligence (AI). Already using AI?

Marketing

Marketing Government Financial Services Artificial Intelligence

EU-U.S. Privacy Shield Passes Its Third Annual Review

HL Chronicle of Data Protection

OCTOBER 25, 2019

continues to provide an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S. On 12 July 2016, the European Commission issued its adequacy decision concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S.

Privacy

Privacy IT Personal data Financial Services

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real estate company, Deutsche Wohnen SE, relating to the excessive retention of personal data. How do you build an effective information governance program?

Privacy

Privacy Compliance Personal data Risk

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Instead the PIPL is a robust data privacy framework designed to safeguard individuals’ personal data against abuse, but at the same time to reflect cultural and business attitudes to data in China, as well as new technologies (including advances in AI, biometrics and data analytics), and to enable flows of personal data.

Data Privacy

Data Privacy Privacy Compliance Analytics

Grove Pension Solutions fined £40,000 for PECR violation

IT Governance

APRIL 2, 2019

The ICO’s d irector of i nvestigations and i ntelligence , Andy White , said : “Spam email uses people ’ s personal data unlawfully, filling up their inboxes and promoting products and services which they don’t necessarily want. . “We In this instance, Grove rel ied on indirect consent.

Marketing

Marketing Personal data GDPR Compliance

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

HL Chronicle of Data Protection

NOVEMBER 15, 2018

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection. What constitutes personal data that is subject to the withdrawal agreement is currently unclear.

GDPR

GDPR Personal data Government Financial Services

AI governance: Key for addressing the Executive Order on safe, secure and trustworthy artificial intelligence

Collibra

NOVEMBER 10, 2023

Discussions surrounding AI governance, regulation, and ethics have taken center stage. The United States government, along with many other countries, has recognized the need to establish a framework for responsible AI development and deployment. Personal data should be handled with care.

Artificial Intelligence

Artificial Intelligence Government Security Data Privacy

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. In the U.S.,

Privacy

Privacy GDPR Data breaches Risk

The Economy of Things: the next value lever for telcos

IBM Big Data Hub

JULY 11, 2023

Telcos can also play the role of data providers as well as data marketplace and brokerage operators within the ecosystem. Vertical data platforms owned and operated by telcos and targeting a specific industry such as automotive, agriculture or financial services already exist today.

IoT

IoT Artificial Intelligence Agriculture Blockchain

Slack Launched Encryption Key Addon For Businesses

Security Affairs

MARCH 18, 2019

Using Slack EKM, IT admins can revoke access to data within a particular Slack channel, for example, rather than disrupting all users on the entire platform. There are millions of third party app available on the internet that needs permission, integration and access to your personal data. Third Party Apps. Third Party Apps.

Encryption

Encryption Risk Financial Services Privacy

It’s time to think twice about retail loyalty programs

Thales Cloud Protection & Licensing

DECEMBER 11, 2018

But it looks like my own personal data has been breached – again. What I’d originally planned to write about was a topic that directly applies – why retailers of all stripes are not investing in data security. Since in Tech we often travel “for a living”, I found in my bag an older Starwood preferred guest card.

Retail

Retail Data breaches Encryption Mining

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. In the U.S.,

Privacy

Privacy GDPR Data breaches Risk

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Crimeware is a type of malware that cyber criminals use to commit identity theft or gain financial information to execute transactions. Other methods.

Ransomware

Ransomware Cybersecurity Phishing Encryption

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access

Access Military Compliance Personal data

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. Data breached: 2,632,275 people’s data. 204 of them are known to have had data exfiltrated, exposed or otherwise breached.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Europe’s omnibus new framework for data protection law applies to (almost) all entities that collect and process EU personal data regardless of where the data are processed.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. What are the objectives of the Data Governance Regulation?

Government

Government Personal data Marketing Artificial Intelligence

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

IT Governance

JULY 31, 2019

Croatian government targeted by mysterious hackers (unknown). LaPorte, Indiana, government pays $132 after its systems crippled by ransomware (unknown). New Bedford, MA, and Syracuse, NY, governments also hit by ransomware (unknown). NV, becomes latest US government to be hit by ransomware (unknown). Data breaches.

Data breaches

Data breaches Ransomware Personal data Government

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. Governance and attestation quickly became a very big deal. Compliance became a huge driver for governance and attestation,” Curcio said. “It

Access

Access Government Authentication Data breaches

EU’s possible Data Act: What can we anticipate from the Inception Impact Assessment and the Consultation?

Data Protection Report

JULY 5, 2021

The Commission is assessing the application of the Trade Secrets Directive in the context of the data economy, including a study focusing on four key sectors (automotive, health, energy and financial services) with a view to providing clarifying guidance at a later date. B2B data sharing: Ensuring fairness and competitiveness.

B2B

B2B Personal data Cloud Access

NEW TECH: How ‘cryptographic splitting’ bakes-in security at a ‘protect-the-data-itself’ level

The Last Watchdog

SEPTEMBER 23, 2019

Tech consultancy IDC recently estimated that global spending on security-related hardware, software and services is growing at a compound annual growth rate of 9.2% As I came to understand it, this new approach leverages multi-factor secret sharing algorithms previously only used by government entities. billion by 2022.

Encryption

Encryption Security Compliance Digital transformation

Network Encryption Keeps Our Data in Motion Secure for Business Services

Thales Cloud Protection & Licensing

JULY 24, 2023

As global data is predicted to grow by more than 100% from 2022 to 2026, making it a top target for cybercriminals, businesses must prioritize cybersecurity solutions that offer protection without affecting network performance or management. These solutions encrypt data as it moves across networks for maximum security and performance.

Business Services

Business Services Encryption Manufacturing Security

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Compromised information includes patients’ personal data, health and medical records, financial data, internal emails and software source code.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge

AI Governance: Why our tested framework is essential in an AI world

Webinars

Trending Sources

UK Government sets out proposals to shake up UK data protection laws

Webinars

CFPB’s Proposed Data Rules

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Catches of the Month: Phishing Scams for October 2023

Navigating the EU-US Data Protection Framework

Improve your data relationships with third parties

Singapore Parliament Passes Personal Data Protection Act

Multinational ICICI Bank leaks passports and credit card numbers

The Impact of Data Protection Laws on Your Records Retention Schedule

Ireland: Large-scale inquiries progress as DPC budget and staff numbers ramp up

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

GDPR automated decision-making and profiling: what are the requirements?

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Indonesia Publishes Proposed Data Protection Rule

Security Compliance & Data Privacy Regulations

Capital Markets, AI, and the need for governance

EU-U.S. Privacy Shield Passes Its Third Annual Review

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Grove Pension Solutions fined £40,000 for PECR violation

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

AI governance: Key for addressing the Executive Order on safe, secure and trustworthy artificial intelligence

The Privacy Officers’ New Year’s Resolutions

The Economy of Things: the next value lever for telcos

Slack Launched Encryption Key Addon For Businesses

It’s time to think twice about retail loyalty programs

The Privacy Officers’ New Year’s Resolutions

What is a Cyberattack? Types and Defenses

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

Privacy and Cybersecurity Top 10 for 2018

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

EU’s possible Data Act: What can we anticipate from the Inception Impact Assessment and the Consultation?

NEW TECH: How ‘cryptographic splitting’ bakes-in security at a ‘protect-the-data-itself’ level

Network Encryption Keeps Our Data in Motion Secure for Business Services

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

Stay Connected