Financial Services, Government, Privacy and Security

Data Protection in Financial Services Week 2022

Data Matters

FEBRUARY 25, 2022

Sidley and OneTrust DataGuidance are pleased to announce that registration is now open for their annual Data Protection in Financial Services (DPFS) Week. Join us from February 28 – March 3 for DPFS Week 2022 , a series of webinars looking at the impacts of data privacy across the financial sector.

Financial Services

Financial Services Privacy Data Privacy Cybersecurity

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. GDPR-style data privacy laws came to the U.S. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Some patients also had their Social Security numbers exposed.”

Data Privacy

Data Privacy Privacy Security Data breaches

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Covered Entities must have a monitoring process that ensures prompt notification of any new security vulnerabilities. Cybersecurity Governance.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

Market Leading Cybersecurity and National Security Lawyers David Lashway and John Woods Join Sidley in Washington, D.C.

Data Matters

MAY 4, 2022

Sidley announced today that David Lashway and John Woods have joined as partners in the firm’s Privacy and Cybersecurity practice in Washington, D.C. Adding significant bench strength to our Chambers-ranked Privacy and Cybersecurity practice is a win for Sidley and our clients,” said Yvette Ostolaza, Sidley’s Management Committee Chair.

Cybersecurity

Cybersecurity Marketing Security Privacy

Building for operational resilience in the age of AI and hybrid cloud

IBM Big Data Hub

MARCH 20, 2024

For highly regulated industries, these challenges take on an entirely new level of expectation as they navigate evolving regulatory landscape and manage requirements for privacy, resiliency, cybersecurity, data sovereignty and more. This means actively minimizing downtime and closing gaps in the supply chain to remain competitive.

Cloud

Cloud Financial Services Risk Business Services

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

Beyond these economic effects, the rules have important data security benefits. The CFPB’s rules align with a key security idea: the decoupling principle. When you get a car loan or a house mortgage, that information, along with your Social Security number and other sensitive data, is also shared with unknown third parties.

Financial Services

Financial Services Privacy Personal data Marketing

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Lacewell stated that cybersecurity is the biggest risk for government and private organizations and described how the Framework is based on “extensive dialogue with industry and experts.”. The Framework. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

Resecurity Released a 2024 Cyber Threat Landscape Forecast

Security Affairs

DECEMBER 26, 2023

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year. Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast.

Energy and Utilities

Energy and Utilities Artificial Intelligence Ransomware Data breaches

NY Department of Financial Services Issues Reminder for Cybersecurity Filing Deadline

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018.

Financial Services

Financial Services Cybersecurity Compliance Insurance

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Source New Telecoms USA Yes 6,158 Nabholz Construction Company Employee Welfare Health Plan Source 1 ; source 2 New Healthcare USA Yes 5,326 Dawson James Securities, Inc. North Hill Home Health Care, Inc.,

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge

Hunton Privacy

DECEMBER 19, 2022

On December 15, 2022, the UK government and the Dubai International Financial Centre Authority (“DIFC”) issued a joint statement on the shared commitment to deepening the UK-DIFC data partnership. In the statement, the UK government and the DIFC also announced the progress on a new Memorandum of Understanding on data.

Government

Government Financial Services Personal data Security

Data Privacy Day: Why Protecting Data Matters to Your Bottom Line

Micro Focus

JANUARY 28, 2021

When it comes to data privacy, who do consumers trust? A recent data privacy survey by McKinsey & Company asked 1,000 consumers to rank the most trusted industries in protecting privacy and data. View Article.

Data Privacy

Data Privacy Privacy Financial Services Government

IBM Cloud delivers enterprise sovereign cloud capabilities

IBM Big Data Hub

FEBRUARY 22, 2024

We strongly believe the influx of data associated with AI will fuel tremendous business innovations, but requires strategic considerations, including around where data resides, data privacy, resilience, operational controls, regulatory requirements and compliance, and certifications.

Cloud

Cloud Computer and Electronics Compliance Financial Services

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. This is an important public action by the U.S. and Russia in Ukraine.

Cybersecurity

Cybersecurity Financial Services Authentication Government

Delivering security and scalability in today’s business landscape requires more than setting up a front line of defense

IBM Big Data Hub

DECEMBER 14, 2023

As enterprises scale infrastructure and systems to manage sensitive data and complex workloads, they must rely more on an ecosystem of partners to help them enhance their security and compliance without impacting performance and resiliency. It also offers the industry’s only Keep Your Own Key (KYOK) for data encryption at rest.

Cloud

Cloud Security Data breaches Cybersecurity

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

IBM Big Data Hub

JANUARY 10, 2024

Hybrid cloud has become the dominant approach for enterprise cloud strategies , but it comes with complexity and concerns over integration, security and skills. Hybrid cloud is also forcing a significant rethinking of how to secure and protect data and assets.

Security

Security Cloud Data Privacy Financial Services

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud

Cloud Financial Services Compliance Digital transformation

Navigating the EU-US Data Protection Framework

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). This follows the invalidation of the EU-US Privacy Shield, by the Court of Justice of the European Union on 16 July 2020.

Data Privacy

Data Privacy Personal data Privacy Cloud

The aftermath of an incident – why keeping records of data breaches and privacy incidents matters

Data Protection Report

JUNE 14, 2022

As privacy incidents and security breaches involving personal information become increasingly frequent, organizations are more and more aware of the importance of implementing a robust privacy program to mitigate the risks and impacts of such incidents. Legal Obligations. Procedural Considerations.

Privacy

Privacy Data breaches Compliance Financial Services

The aftermath of an incident – business considerations surrounding record-keeping

Data Protection Report

AUGUST 2, 2022

In our previous publication , we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries.

Compliance

Compliance Privacy Risk Financial Services

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. The authority claimed a violation of data minimisation and privacy by design principles under the EU General Data Protection Regulation (GDPR). . Why should this be a high priority project?

Privacy

Privacy Compliance Personal data Risk

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy

Privacy GDPR Data breaches Risk

Leading Antitrust and Consumer Protection Lawyer Sean Royall Joins Sidley

Data Matters

FEBRUARY 11, 2022

Sean’s practice focuses on antitrust and consumer protection litigation and government investigations. Sean, who has spent his entire career handling complex antitrust litigation matters and government investigations, is among the country’s most experienced and highly regarded antitrust lawyers.

Government

Government Financial Services Privacy Marketing

Tackling Data Sovereignty with DDR

Security Affairs

JUNE 20, 2023

Those who fail to take a proactive approach to secure their data often learn the hard way how vulnerable – and valuable – that data can be. Data sovereignty plays a crucial role in a robust security strategy. When data is sovereign, an organization retains control and ownership over that data.

Compliance

Compliance Cybersecurity Risk Encryption

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. First American Financial Corp.

Insurance

Insurance Risk Financial Services Mining

Navigating the digital wave: Understanding DORA and the role of confidential computing

IBM Big Data Hub

FEBRUARY 5, 2024

The Digital Operational Resilience Act (DORA) marks a significant milestone in the European Union’s (EU) efforts to bolster the operational resilience of the financial sector in the digital age. Ensuring end-to-end Protection To achieve total data privacy assurance, a key component is confidential computing and cryptography.

Encryption

Encryption Data Privacy Compliance Cloud

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Third-party governance.

Compliance

Compliance Risk Government Retail

Collibra Data Intelligence: tackle 2023’s biggest data challenges

Collibra

JANUARY 31, 2023

The impact of regulation Growing regulation makes data privacy, protection, and transparency non-negotiable. Privacy and protection regulations are growing in numerous industries (such as financial services) and geographic regions (including the EU, Australia, California, and Nevada). It’s not just governments.

Digital transformation

Digital transformation Data Privacy Privacy Cloud

Peter Marta, Former Global Head of Cybersecurity Law at JPMorgan joins Hogan Lovells Privacy and Cybersecurity Practice

HL Chronicle of Data Protection

JULY 15, 2019

Hogan Lovells announced today that Peter Marta , the former global head of Cybersecurity and Global Security and Investigations Legal for JPMorgan Chase and Co., has joined our Privacy and Cybersecurity practice as a partner. Pete is an established leader in the banking and financial services sectors.

Cybersecurity

Cybersecurity Privacy Financial Services Government

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

JULY 5, 2023

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. As described below, senior governing bodies would have new oversight responsibilities under the amendments.

Cybersecurity

Cybersecurity IT Compliance Financial Services

Congratulations to Sidley’s Newest Partners!

Data Matters

DECEMBER 16, 2019

Kate has strong experience involving complex privacy and data security matters and represents several large, multinational companies, as well as startups, in the healthcare, technology and financial services sectors, among others. appeared first on Data Matters Privacy Blog. Roberts, Jr. on the U.S.

Energy and Utilities

Energy and Utilities Privacy Financial Services Data Privacy

How can banks succeed in the digital banking era?

Thales Cloud Protection & Licensing

NOVEMBER 22, 2021

Consumers have come to expect a hyper-personalized experience that is fast, convenient and secure. Banks have adopted technologies to enable: Secure, remote, multi-device banking transactions. Secure digital payments leveraging biometrics, tokens, and context-based security. Data security. Tue, 11/23/2021 - 06:13.

Digital transformation

Digital transformation Financial Services Customer Experience Risk

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

News Alert: W3C advances technology to streamline payment authentication

The Last Watchdog

JUNE 15, 2023

The World Wide Web Consortium today announced a standardization milestone for a new browser capability that helps to streamline user authentication and enhance payment security during Web checkout. Publication of Secure Payment Confirmation as a Candidate Recommendation indicates that the feature set is stable and has received wide review.

Authentication

Authentication Communications Financial Services Retail

MY TAKE: Coping with security risks, compliance issues spun up by ‘digital transformation’

The Last Watchdog

AUGUST 22, 2019

A core security challenge confronts just about every company today. While the benefits of DX are highly-touted , this shift has also spawned a whole new tier of unprecedented privacy and security challenges. The cloud is kind of dragging this movement along and DevOps and security are center stage, at the moment.”

Digital transformation

Digital transformation Compliance Risk Security

Google Yanks 106 ‘Malicious’ Chrome Extensions

Threatpost

JUNE 18, 2020

Trojan Chrome browser extensions spied on users and maintained a foothold on the networks of financial services, oil and gas, media and entertainment, healthcare and pharmaceuticals and government organizations.

Healthcare

Healthcare Financial Services Government Communications

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy

Privacy GDPR Data breaches Risk

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

The Last Watchdog

APRIL 3, 2019

Identity governance and administration, or IGA , has suddenly become a front-burner matter at many enterprises. Related: Identity governance issues in the age of digital transformation. I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this.

Digital transformation

Digital transformation Insurance Compliance Healthcare

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

DLA Piper Privacy Matters

APRIL 20, 2021

This introduces a data lifecycle security framework, and represents the key guideline for handling personal and other financial information by financial institutions (i.e. similar to the PIS Specification, but focused on the banking and financial services industry). Level 3: personal financial information.

Compliance

Compliance Security Financial Services Data collection

Top 12 Cloud Security Best Practices for 2021

eSecurity Planet

SEPTEMBER 10, 2021

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering the public cloud. In addition, 95 percent of survey respondents confirmed that they are extremely to moderately concerned about public cloud security. What is cloud security?

Cloud

Cloud Security Encryption Risk

Data Protection in Financial Services Week 2022

Security Compliance & Data Privacy Regulations

Webinars

Trending Sources

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

Webinars

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Market Leading Cybersecurity and National Security Lawyers David Lashway and John Woods Join Sidley in Washington, D.C.

Building for operational resilience in the age of AI and hybrid cloud

CFPB’s Proposed Data Rules

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Resecurity Released a 2024 Cyber Threat Landscape Forecast

NY Department of Financial Services Issues Reminder for Cybersecurity Filing Deadline

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge

Data Privacy Day: Why Protecting Data Matters to Your Bottom Line

IBM Cloud delivers enterprise sovereign cloud capabilities

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Delivering security and scalability in today’s business landscape requires more than setting up a front line of defense

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

Navigating the EU-US Data Protection Framework

The aftermath of an incident – why keeping records of data breaches and privacy incidents matters

The aftermath of an incident – business considerations surrounding record-keeping

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

The Privacy Officers’ New Year’s Resolutions

Leading Antitrust and Consumer Protection Lawyer Sean Royall Joins Sidley

Tackling Data Sovereignty with DDR

First American Financial Pays Farcical $500K Fine

Navigating the digital wave: Understanding DORA and the role of confidential computing

Top 10 Governance, Risk and Compliance (GRC) Vendors

Collibra Data Intelligence: tackle 2023’s biggest data challenges

Peter Marta, Former Global Head of Cybersecurity Law at JPMorgan joins Hogan Lovells Privacy and Cybersecurity Practice

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Congratulations to Sidley’s Newest Partners!

How can banks succeed in the digital banking era?

Privacy and Cybersecurity Top 10 for 2018

News Alert: W3C advances technology to streamline payment authentication

MY TAKE: Coping with security risks, compliance issues spun up by ‘digital transformation’

Google Yanks 106 ‘Malicious’ Chrome Extensions

The Privacy Officers’ New Year’s Resolutions

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

Top 12 Cloud Security Best Practices for 2021

Stay Connected