Financial Services, Government and Training - Information Management Today

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

Data Protection Report

NOVEMBER 8, 2023

On November 1, 2023, the New York Department of Financial Services (“NYDFS”) released the finalized amendments of Part 500 of its cybersecurity regulations. The Amendment also includes new governance requirements and responsibilities applicable to the CISO of all covered entities.

Financial Services

Financial Services Cybersecurity Compliance Government

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Analyst firm IDC recently published a Vendor Spotlight report featuring ASG Mobius Content Services (Mobius) and its applications in the financial service and insurance industries. Solving these challenges requires employee training and prioritization of documents to manage the increasingly high volume.

Financial Services

Financial Services Insurance Digital transformation Paper

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Cybersecurity Governance. The proposed amendments revise several aspects of the draft Cybersecurity Rule amendments released on July 29, 2022.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

What can AI and generative AI do for governments?

IBM Big Data Hub

SEPTEMBER 20, 2023

When implemented in a responsible way—where the technology is fully governed, privacy is protected and decision making is transparent and explainable—AI has the power to usher in a new era of government services. AI’s value is not limited to advances in industry and consumer products alone.

Government

Government Artificial Intelligence Privacy Digital transformation

Automated governance and trustworthy AI

IBM Big Data Hub

JUNE 7, 2022

Governments and regulatory bodies around the world are working to establish safety standards. The proposed rules aim to govern automated valuation models to protect borrowers. The announcement highlighted the crucial role of training data, and the terrible consequences of using data that “fails to represent American society.”.

Government

Government Financial Services Compliance Cloud

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

As we speed into a new AI era, there’s a critical element that’s often missing when organizations rush forward in hyper-competitive markets to build scalable, trusted AI programs — and that’s AI governance. An AI governance framework offers a blueprint for how to create successful AI products.

Government

Government Risk Financial Services Compliance

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Lacewell stated that cybersecurity is the biggest risk for government and private organizations and described how the Framework is based on “extensive dialogue with industry and experts.”. The Framework. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

From principles to actions: building a holistic approach to AI governance

IBM Big Data Hub

SEPTEMBER 27, 2022

Whether it be financial services, employee hiring, customer service management or healthcare administration, AI is increasingly powering critical workflows across all industries. AI governance: From principles to actions. Sometimes an organization’s need is more tied to organizational AI governance.

Government

Government Compliance Data science Financial Services

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four entities and one individual for their role in malicious cyber operations conducted to support the government of North Korea. ” reads the announcement. correspondent or payable-through account sanctions.”

Government

Government Military Financial Services IT

Finance sector must simplify staff awareness training

IT Governance

APRIL 11, 2019

Financial services firms must do more to educate employees about cyber security, according to the FCA (Financial Conduct Authority). Organisations need to make staff awareness training a board-level priority. Staff awareness training is a crucial part of this.

Retail

Retail Risk Education Financial Services

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

SEPTEMBER 28, 2021

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. On legitimate interests, the Government proposes disapplying the legitimate interest balancing test for certain activities. The deadline for responding to the consultation is 19 November 2021.

Government

Government FOIA GDPR Compliance

Top 6 Best Practices for Data Governance

Collibra

MARCH 11, 2021

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. Focus on the operating model.

Government

Government Communications Insurance Customer Experience

6 best practices for a data governance strategy

Collibra

APRIL 11, 2022

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. What are data governance best practices?

Government

Government Communications Insurance Customer Experience

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud

Cloud Financial Services Compliance Digital transformation

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

The IBM 2023 Cost of a Data Breach Report , for example, highlights the continuous financial burden on retailers, which, coupled with potential reputational damage, emphasizes the dire need for retailers to prioritize and bolster their cybersecurity measures. Governments: Look to global benchmarks.

Retail

Retail Cybersecurity Financial Services Encryption

#ModernDataMasters: Nicola Askham, The Data Governance Coach

Reltio

SEPTEMBER 24, 2019

Nicola Askham is the leading data governance training provider in the UK with over 16 years of experience and research in the field. She delivers training and consulting to major organisations to help them implement full data governance frameworks. ” However, I got into data governance totally by accident.

Government

Government Digital transformation Big data IT

Risk Management under the DORA Regulation

IT Governance

NOVEMBER 23, 2023

Perhaps even more concerning to EU lawmakers is how dependent society at large is on banking and other financial services. In turn, financial institutions heavily depend on ICT to be able to provide those services to begin with. That really shouldn’t surprise us – these are lucrative targets for cyber criminals.

Risk

Risk Data breaches Authentication Financial Services

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

EvilProxy phishing campaign targets Microsoft 365 accounts via indeed.com A phishing campaign identified by Menlo Security has been targeting senior executives in various industries – most notably banking and financial services, property management and real estate, and manufacturing – since July.

Phishing

Phishing Financial Services Manufacturing Personal data

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. IT governance and security. Financial reporting compliance. Privacy governance and management. Audit management.

Compliance

Compliance Risk Government Retail

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

See the Top Governance, Risk and Compliance (GRC) Tools. Other industry standards too can have the force of “pseudo-law” – notably, the NIST Cybersecurity Framework, which federal regulators often apply to financial-services firms and government contractors. See the Best Cybersecurity Awareness Training for Employees.

Data Privacy

Data Privacy Compliance Privacy Security

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

This development model enables enterprises to conduct model training and processing directly at the edge or on-premises. By moving computation and model training to the edge, organizations can train their models locally without uploading datasets to hyperscalers or relying on foundational models.

Cybersecurity

Cybersecurity Blockchain Artificial Intelligence Encryption

How to responsibly scale business-ready generative AI

IBM Big Data Hub

JUNE 26, 2023

Possibilities are growing that include assisting in writing articles, essays or emails; accessing summarized research; generating and brainstorming ideas; dynamic search with personalized recommendations for retail and travel; and explaining complicated topics for education and training. What is watsonx.governance?

Retail

Retail Compliance Risk Education

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Consider installing and using a VPN.

Ransomware

Ransomware Passwords Encryption Financial Services

Tackling Data Sovereignty with DDR

Security Affairs

JUNE 20, 2023

Data sovereignty also encompasses the rights and regulations governing data storage, processing, and transfer and often intersects with privacy, security, and legal considerations. Understanding Data Sovereignty Data sovereignty has emerged as a critical concern for businesses worldwide in today’s interconnected digital landscape.

Compliance

Compliance Cybersecurity Risk Encryption

How Long Should I Keep This Business Record For?

AIIM

MARCH 3, 2020

Too often I hear one of two, equally bad answers: Keep Records for Seven years: This seems to be the de facto answer, especially for financial services records. Internal Revenue Service rules around when they can audit individual and corporate tax returns. As near as I can tell, this comes from the U.S. And they will!

Records Management

Records Management Financial Services Big data Analytics

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. Companies should consider implementing training processes to ensure that information security personnel understand cybersecurity disclosure requirements, especially as stated in the Guidance.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

Capital Markets, AI, and the need for governance

Collibra

OCTOBER 31, 2023

With every financial services organization focused on making better and faster decisions, data professional and business leaders are eager to better understand how AI can facilitate their strategic goals. Financial services orgs, especially those in capital markets, frequently has been on the forefront of generative AI investment.

Marketing

Marketing Government Financial Services Artificial Intelligence

The aftermath of an incident – business considerations surrounding record-keeping

Data Protection Report

AUGUST 2, 2022

Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries. For a purchaser, records of privacy incidents provide valuable information about the vendor’s privacy governance structure. Risk management and mitigation.

Compliance

Compliance Privacy Risk Financial Services

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

Likewise, the New York State Department for Financial Services regulations requires relevant entities to have appropriate record retention policies and procedures. A policy or standard needs to be set, which is then explained by training and is measured. How do you build an effective information governance program?

Privacy

Privacy Compliance Personal data Risk

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

JUNE 20, 2020

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. The tech giant removed over 100 Chrome browser extensions from the official Web Store.

Healthcare

Healthcare Financial Services Communications Security

Turning climate risks into business opportunities

IBM Big Data Hub

MARCH 27, 2024

In some business sectors, such as financial services, fast-moving consumer goods and healthcare, business interruptions can have a significant detrimental impact on daily life. Their state governments must order electricity for their citizens in advance, and they used to predict demand manually by using spreadsheets.

Risk

Risk Artificial Intelligence Agriculture Financial Services

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

IBM Big Data Hub

JANUARY 10, 2024

Some example use cases to highlight: Confidential AI: leverage trustworthy AI and while ensuring the integrity of the models and confidentiality of data Organizations leveraging AI models often encounter challenges related to the privacy and security of the data used for training and the integrity of the AI models themselves.

Security

Security Cloud Data Privacy Financial Services

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

Rather than doors, locks and vaults, IT departments rely on a combination of strategies, technologies, and user awareness training to protect an enterprise against cybersecurity attacks that can compromise systems, steal data and other valuable company information, and damage an enterprise’s reputation. What is Cybersecurity Risk Management?

Risk

Risk Cybersecurity Encryption Access

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing.

Insurance

Insurance Artificial Intelligence Risk Compliance

BIPA Year in Review: Where Are We Now and What’s Coming Next?

Data Protection Report

NOVEMBER 16, 2022

BIPA exempts certain types of entities, namely, organizations that are governed by certain federal laws including the X-Ray Retention Act, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and the Gramm-Leach-Bliley Act (“GLBA”). Who is covered by BIPA? 740 ILCS 14/25(b)-(c). DePaul University , Case No.

Financial Services

Financial Services Privacy Compliance Insurance

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

KnowBe4

MARCH 28, 2023

Security awareness training still has a place to play here." New-school security awareness training with simulated phishing tests enables your employees to recognize increasingly sophisticated phishing attacks and builds a strong security culture. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.

Phishing

Phishing Security awareness Insurance Cybersecurity

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

KnowBe4

FEBRUARY 14, 2023

This means you have a bunch of users that unwittingly follow a set of unusual and unnecessary clicks that they should know better than to follow – something they learn very quickly if they are enrolled in new-school security awareness training. Blog post with links: [link] Are Your Users Making Risky Security Mistakes? You're not alone.

Phishing

Phishing Security awareness Compliance Risk

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Capital markets, insurance, financial services, and banking are now online. Cybersecurity training and awareness. Other methods.

Ransomware

Ransomware Cybersecurity Phishing Encryption

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Security Affairs

MARCH 14, 2022

Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing. ” reported researchers from Cyble. We continue to help Ukrainians in their fight against Russian occupation forces.

Risk

Risk Financial Services Manufacturing Communications

The compliance challenges of hybrid working

IT Governance

AUGUST 26, 2021

For example, financial services firms may be worried about employees breaching insider trading laws. However, to meet your compliance requirements, you need to conduct regular staff awareness training to help employees respond appropriately.

Compliance

Compliance Data breaches Privacy Risk

NYDFS releases major update to Part 500 cybersecurity requirements for financial services companies

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Webinars

Trending Sources

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Webinars

What can AI and generative AI do for governments?

Automated governance and trustworthy AI

AI Governance: Why our tested framework is essential in an AI world

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

From principles to actions: building a holistic approach to AI governance

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Finance sector must simplify staff awareness training

UK Government sets out proposals to shake up UK data protection laws

Top 6 Best Practices for Data Governance

6 best practices for a data governance strategy

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

$8 million penalty to NYDFS – and another case of over-retention

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity

#ModernDataMasters: Nicola Askham, The Data Governance Coach

Risk Management under the DORA Regulation

Catches of the Month: Phishing Scams for October 2023

Top 10 Governance, Risk and Compliance (GRC) Vendors

Security Compliance & Data Privacy Regulations

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business

How to responsibly scale business-ready generative AI

Avoslocker ransomware gang targets US critical infrastructure

Tackling Data Sovereignty with DDR

How Long Should I Keep This Business Record For?

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Capital Markets, AI, and the need for governance

The aftermath of an incident – business considerations surrounding record-keeping

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Hundreds of malicious Chrome browser extensions used to spy on you!

Turning climate risks into business opportunities

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

What is Cybersecurity Risk Management?

NYDFS issues significant guidance on insurers using AI or external data

BIPA Year in Review: Where Are We Now and What’s Coming Next?

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

What is a Cyberattack? Types and Defenses

Russia-Ukraine cyber conflict poses critical infrastructure at risk

The compliance challenges of hybrid working

Stay Connected