Financial Services, Government, Personal data and Risk

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

As we speed into a new AI era, there’s a critical element that’s often missing when organizations rush forward in hyper-competitive markets to build scalable, trusted AI programs — and that’s AI governance. An AI governance framework offers a blueprint for how to create successful AI products.

Government

Government Risk Financial Services Compliance

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

SEPTEMBER 28, 2021

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. On legitimate interests, the Government proposes disapplying the legitimate interest balancing test for certain activities. The deadline for responding to the consultation is 19 November 2021.

Government

Government FOIA GDPR Compliance

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. This would change the economics of consumer finance and the illicit data economy that exists today.

Financial Services

Financial Services Privacy Personal data Marketing

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. First , all of the reports specifically focus on the threat of Russian state-sponsored cyberattacks.

Cybersecurity

Cybersecurity Financial Services Authentication Government

Navigating the EU-US Data Protection Framework

Thales Cloud Protection & Licensing

JANUARY 10, 2024

That decision of adequacy provides in substance that there is an adequate level of protection—comparable to that in the EU—for personal data transferred from the EU to US companies that are participating in the DPF. However, European organizations need to dive with eyes wide open when transferring personal data to the US under the DPF.

Data Privacy

Data Privacy Personal data Privacy Cloud

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured. million files belonging to ICICI Bank.

Personal data

Personal data Phishing Risk Financial Services

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

Keeping informed about current attacks is one of the best ways of reducing the risk of falling victim. So, as ever, this blog series examines recent phishing campaigns and the tactics criminals use to trick people into compromising their data. Can you spot a phishing scam?

Phishing

Phishing Financial Services Manufacturing Personal data

Improve your data relationships with third parties

Collibra

FEBRUARY 11, 2020

Seizing an opportunity to improve data relationships with third parties. Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. Exploring third party data relationship risk.

Financial Services

Financial Services Digital transformation Personal data Compliance

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real estate company, Deutsche Wohnen SE, relating to the excessive retention of personal data. How should businesses change their attitudes towards data retention?

Privacy

Privacy Compliance Personal data Risk

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data

Personal data GDPR Privacy Records Management

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security

Security Data breaches Ransomware Artificial Intelligence

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. enable companies to identify cybersecurity risks and incidents. evaluate the significance associated with such risks and incidents.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

The GDPR provision that may keep IT security teams busiest is Article 32, which requires “a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing” of personal data. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real estate company, Deutsche Wohnen SE, relating to the excessive retention of personal data. How should businesses change their attitudes towards data retention?

Privacy

Privacy Compliance Personal data Risk

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

So, you are carrying out profiling if you collect and analyse personal data using algorithms or AI, make associations between habits and characteristics based on that data, and predict individuals’ behaviour based on the demographic or profile that you’ve assigned them. appeared first on IT Governance Blog.

GDPR

GDPR Personal data Financial Services Compliance

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. As a result, organisations need to revisit their current cookie consent mechanisms and notices and reassess their appetite to risk.

Privacy

Privacy GDPR Data breaches Risk

Capital Markets, AI, and the need for governance

Collibra

OCTOBER 31, 2023

With every financial services organization focused on making better and faster decisions, data professional and business leaders are eager to better understand how AI can facilitate their strategic goals. Not surprisingly, everyone was talking about Artificial Intelligence (AI). Already using AI?

Marketing

Marketing Government Financial Services Artificial Intelligence

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Instead the PIPL is a robust data privacy framework designed to safeguard individuals’ personal data against abuse, but at the same time to reflect cultural and business attitudes to data in China, as well as new technologies (including advances in AI, biometrics and data analytics), and to enable flows of personal data.

Data Privacy

Data Privacy Privacy Compliance Analytics

Slack Launched Encryption Key Addon For Businesses

Security Affairs

MARCH 18, 2019

Using Slack EKM, IT admins can revoke access to data within a particular Slack channel, for example, rather than disrupting all users on the entire platform. They can share chats, files and other data , all while still meeting their own risk mitigation requirements. What are the security risks of Slack? Admin Roles.

Encryption

Encryption Risk Financial Services Privacy

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. As a result, organisations need to revisit their current cookie consent mechanisms and notices and reassess their appetite to risk.

Privacy

Privacy GDPR Data breaches Risk

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

HL Chronicle of Data Protection

NOVEMBER 15, 2018

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection. What constitutes personal data that is subject to the withdrawal agreement is currently unclear.

GDPR

GDPR Personal data Government Financial Services

AI governance: Key for addressing the Executive Order on safe, secure and trustworthy artificial intelligence

Collibra

NOVEMBER 10, 2023

Discussions surrounding AI governance, regulation, and ethics have taken center stage. The United States government, along with many other countries, has recognized the need to establish a framework for responsible AI development and deployment. Personal data should be handled with care.

Artificial Intelligence

Artificial Intelligence Government Security Data Privacy

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Europe’s omnibus new framework for data protection law applies to (almost) all entities that collect and process EU personal data regardless of where the data are processed.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Crimeware is a type of malware that cyber criminals use to commit identity theft or gain financial information to execute transactions. Other methods.

Ransomware

Ransomware Cybersecurity Phishing Encryption

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access

Access Military Compliance Personal data

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. Governance and attestation quickly became a very big deal. Compliance became a huge driver for governance and attestation,” Curcio said. “It

Access

Access Government Authentication Data breaches

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

IT Governance

JULY 31, 2019

Croatian government targeted by mysterious hackers (unknown). LaPorte, Indiana, government pays $132 after its systems crippled by ransomware (unknown). New Bedford, MA, and Syracuse, NY, governments also hit by ransomware (unknown). NV, becomes latest US government to be hit by ransomware (unknown). Data breaches.

Data breaches

Data breaches Ransomware Personal data Government

EU’s possible Data Act: What can we anticipate from the Inception Impact Assessment and the Consultation?

Data Protection Report

JULY 5, 2021

The Commission is assessing the application of the Trade Secrets Directive in the context of the data economy, including a study focusing on four key sectors (automotive, health, energy and financial services) with a view to providing clarifying guidance at a later date. B2B data sharing: Ensuring fairness and competitiveness.

B2B

B2B Personal data Cloud Access

Living in a data sovereign world

IBM Big Data Hub

OCTOBER 16, 2023

Data sovereignty is the control of sensitive data in adherence to local geographical jurisdiction and prevention of unauthorized access and loss of data. Data sovereignty addresses legal, privacy, security and governance concerns associated with the storage, processing and transfer of data.

Cloud

Cloud Compliance Data Privacy Privacy

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Compromised information includes patients’ personal data, health and medical records, financial data, internal emails and software source code. and Robert W.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

Australian government sets out risk-based system to respond to AI The Australian government has launched its plan to respond to the rise in AI, using a risk-based system to impose proportionate controls on its use.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Business of Data Newsletter – Issue 7 (7 December 2018)

Information Matters

DECEMBER 7, 2018

. “Seven out of 10 UK consumers and two-thirds, on average, around the world would stop doing business with a brand that suffers a breach of users’ financial or personal data. Who steals personal data and how do they make money from it? ” [link]. Which of those skills gets the pedestal?”

IoT

IoT Blockchain Personal data Analytics

Countdown to GDPR: it’s time for action

CGI

MAY 25, 2017

The General Data Protection Regulation comes into force a year from now. It will usher in a new data management regime for any organisation collecting, storing or processing personal data. GDPR extends the notion of personal data to any information that contributes to individual identification.

GDPR

GDPR Personal data Financial Services Compliance

Data Governance Tools: What Are They? Are They Optional?

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance Tools for Regulatory Compliance.

Government

Government Data breaches Metadata GDPR

Keeping Customer Data Safe: AI's Privacy Paradox

Thales Cloud Protection & Licensing

MARCH 14, 2024

Putting Personal Data at Risk The results were not all positive, however. The Thales study highlighted how nearly six out of ten (57%) of global consumers were anxious that brands using generative AI would be putting their personal data at risk.

Privacy

Privacy Data Privacy Analytics Risk

Data Governance Tools: What Are They? Are They Optional?

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance Tools for Regulatory Compliance.

Government

Government Data breaches Metadata GDPR

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

law with respect to their data collected by U.S authorities competent for national security sets out how data subjects in the EU and EEA can formally complain about the processing of their personal data by US intelligence agencies.

Data Privacy

Data Privacy Privacy Manufacturing Security

List of data breaches and cyber attacks in September 2021 – 91 million records breached

IT Governance

SEPTEMBER 30, 2021

SC: Dorchester County Government Notice of February Security Incident (databreaches.net) (0). HBP Financial Services Group notice of breach impacting Pathology Consultants of New London, PC (databreaches.net) (0). Hacker puts stolen data online because college refuses to pay (databreaches.net) (0).

Data breaches

Data breaches Ransomware Financial Services Privacy

Debate Continues on the Future of US Privacy Regulation from California to Capitol Hill

Data Matters

DECEMBER 27, 2018

On December 12, a group of 16 Democratic Senators released a discussion draft of the “ Data Care Act ” (S. 3744), which would establish duties of “care, loyalty, and confidentiality” for online providers that handle personal data. However, many important differences and open issues remain.

Privacy

Privacy Data Privacy Personal data Data breaches

AI Governance: Why our tested framework is essential in an AI world

UK Government sets out proposals to shake up UK data protection laws

Trending Sources

CFPB’s Proposed Data Rules

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Navigating the EU-US Data Protection Framework

Multinational ICICI Bank leaks passports and credit card numbers

Catches of the Month: Phishing Scams for October 2023

Improve your data relationships with third parties

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

The Impact of Data Protection Laws on Your Records Retention Schedule

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Security Compliance & Data Privacy Regulations

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

GDPR automated decision-making and profiling: what are the requirements?

The Privacy Officers’ New Year’s Resolutions

Capital Markets, AI, and the need for governance

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Slack Launched Encryption Key Addon For Businesses

The Privacy Officers’ New Year’s Resolutions

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

AI governance: Key for addressing the Executive Order on safe, secure and trustworthy artificial intelligence

Privacy and Cybersecurity Top 10 for 2018

What is a Cyberattack? Types and Defenses

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

EU’s possible Data Act: What can we anticipate from the Inception Impact Assessment and the Consultation?

Living in a data sovereign world

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

The Business of Data Newsletter – Issue 7 (7 December 2018)

Countdown to GDPR: it’s time for action

Data Governance Tools: What Are They? Are They Optional?

Keeping Customer Data Safe: AI's Privacy Paradox

Data Governance Tools: What Are They? Are They Optional?

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

List of data breaches and cyber attacks in September 2021 – 91 million records breached

Debate Continues on the Future of US Privacy Regulation from California to Capitol Hill

Stay Connected