Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. At the time, EyeMed was rolling out MFA, but had not yet implemented it on the affected email box.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

IT Governance

JANUARY 10, 2018

Traditional security measures such as firewalls and antivirus software are proving inadequate in the evolving threat landscape. According to a recent study from Invotra , the financial services industry and the public sector both fear sophisticated, harmful cyber threats in 2018.

Customer Experience 84

Customer Experience Financial Services GDPR Phishing 84

Hunton Privacy

JANUARY 3, 2017

On December 28, 2016, the New York State Department of Financial Services (“DFS”) announced an updated version of its cybersecurity regulation for financial institutions (the “Updated Regulation”). The Updated Regulation will become effective on March 1, 2017.

Cybersecurity 40

Cybersecurity Financial Services Authentication Information Security 40

Security Affairs

SEPTEMBER 10, 2018

Security experts from Kaspersky have observed the LuckyMouse APT group (aka Emissary Panda , APT27 and Threat Group 3390) using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. defense contractors and financial services firms worldwide. We informed the company about the issue via CN-CERT.”

Communications 69

Communications Financial Services Phishing Encryption 69

HL Chronicle of Data Protection

MAY 13, 2019

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Hunton Privacy

JULY 17, 2015

The Proposed Regulation addresses the protection of personal data collected by a variety of government agencies, enumerates the rights of those whose personal data is collected and the obligations of users of Information Communication Technology. One potential weakness of the guidelines is their failure to define “public services.”

Personal data 40

Personal data Archiving Financial Services Communications 40

Hunton Privacy

MAY 13, 2011

Under the provisions, covered facilities would be mandated to develop cybersecurity plans to meet the risk-based standards. The plans would be required to be signed by a responsible corporate officer, audited by a third party and certified annually to the DHS or the Securities and Exchange Commission.

Cybersecurity 40

Cybersecurity Data breaches Information Security Financial Services 40

HL Chronicle of Data Protection

MARCH 14, 2019

Finally, the plan must require evaluation and revisions to it as necessary following a security event. Chief Information Security Officer (“CISO”). Specific information security measures. The proposed Rule is much more detailed in terms of security measures that FIs must implement.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

CGI

OCTOBER 25, 2015

All of this leads one to ask: In the midst of these heightened risks, increasing regulations and digital innovation, whose role is it to make sure that financial and personal data is kept safe? The answer is easy—all key players in the finance sector, including consumers, financial services providers and systems integrators.

IT 40

IT Security Digital transformation Compliance 40

Cyber Info Veritas

JULY 19, 2018

This is according to a recent survey conducted by Soha Systems, and according to one of the speeches delivered by the Superintendent of the New York State Department of Financial Services, Mr. Benjamin Lawsky, “ A company’s cybersecurity is only as strong as the cybersecurity of its third-party vendors ”.

Risk 40

Risk Cybersecurity Compliance Data breaches 40

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. It relies heavily on documenting all efforts to meet relevant standards, usually concerning data protection and privacy. See our in-depth look at RSA Archer.

Compliance 67

Compliance Risk Government Retail 67

Hunton Privacy

NOVEMBER 10, 2016

Telecommunication and technology companies were the most represented respondents, followed by insurance and financial services companies, as well as pharmaceutical and healthcare companies. and less than half operate in South America and Asia.

GDPR 45

GDPR Data Privacy Compliance Privacy 45

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. It relies heavily on documenting all efforts to meet relevant standards, usually concerning data protection and privacy. See our in-depth look at RSA Archer.

Compliance 57

Compliance Risk Government Retail 57

The Last Watchdog

FEBRUARY 25, 2019

“Our customers all have the pain point of wanting to have single sign-on for multiple applications, requiring capabilities like self-service and self-registration,” Curcio told Last Watchdog. Meeting compliance. They also require either adaptive authentication, or multi-factor authentication in many scenarios.”.

Access 169

Access Government Authentication Data breaches 169

IT Governance

MARCH 11, 2024

Enforcement ICO takes action against five public authorities under FOI Act The ICO (Information Commissioner’s Office) has taken action against five public authorities for failing to meet their obligations under the Freedom of Information Act.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

Data Matters

APRIL 23, 2018

Information security is not yet a science; outside of the handful of issues falling under the field of cryptography, there is no formalized system of classification. The most prepared cybersecurity programs of today will not attempt to implement a static, “out-of-the-box” solution to cyber risk. Principle 3. Principle 4.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

ForAllSecure

AUGUST 2, 2022

Anyone who has anyone in the information security community is usually melting under the hot Nevada sun. And by de I'm an analyst at Javelin strategy and research where I do security risk and fraud for the financial services industry. Yes, grasshoppers invaded Las Vegas at the start of hacker summer camp in 2019.

Computer and Electronics 40

Computer and Electronics IT Security Mining 40

KnowBe4

MAY 31, 2023

That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. Yup – shoe store. The most money you can scam from a single attack? With PhishER, this number dropped to around 20, saving at least 12.5 hours of the IT department's time per month.

Phishing 81

Phishing File names Security awareness Risk 81

Data Matters

JUNE 5, 2018

The post President Trump Signs Financial Services Regulatory Reform Legislation appeared first on Data Matters Privacy Blog. The exemption is available to a depository institution for deposits in an aggregate amount that equals the lesser of (i) $5 billion and (ii) 20 percent of the depository institution’s total liabilities.

Financial Services 68

Financial Services Insurance Privacy Authentication 68

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. Cape Privacy addresses secure communication between organizations by building machine learning models on encrypted data. Talon Cyber Security. Cape Privacy.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142