Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Penetration Testing, Vulnerability Assessments and Risk Assessments. The proposed amendments make significant changes to the technical requirements of the Cybersecurity Rule.

Financial Services 55

Financial Services Cybersecurity Ransomware Compliance 55

Data Matters

MARCH 28, 2022

OCR’s reminders and recommendations for regulated entities include to: assess and reduce risks and vulnerabilities to the availability of ePHI, which is defined as “the property that data or information is accessible and useable upon demand by an authorized person” pursuant to the HIPAA Security Rule. 45 CFR 164.308(a)(5)(i).

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

The Last Watchdog

NOVEMBER 9, 2020

The challenge of the moment is that many companies already have their hands full trying to improve their security posture as they migrate their legacy, on premises, IT systems to the cloud. IoT risks have been a low-priority, subset concern. DigiCert is a leading supplier of digital certificates and related security services.

IoT 279

IoT Passwords Artificial Intelligence Risk 279

KnowBe4

FEBRUARY 14, 2023

This means you have a bunch of users that unwittingly follow a set of unusual and unnecessary clicks that they should know better than to follow – something they learn very quickly if they are enrolled in new-school security awareness training. Blog post with links: [link] Are Your Users Making Risky Security Mistakes?

Phishing 83

Phishing Security awareness Compliance Risk 83

HL Chronicle of Data Protection

MARCH 14, 2019

The Federal Trade Commission (“FTC”) issued notices on March 5 seeking public comment on proposed amendments to the regulations implementing the Gramm-Leach-Bliley Act (“GLBA”), commonly known as the Safeguards Rule and Privacy Rule. Periodic risk assessments. Specific information security measures. Service provider oversight.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

HL Chronicle of Data Protection

MAY 13, 2019

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Data Matters

APRIL 23, 2018

A high-profile cyber incident may cause substantial financial and reputational losses to an organization, including the disruption of corporate business processes, destruction or theft of critical data assets, loss of goodwill, and shareholder and consumer litigation. Aligning cyber risk with corporate strategy.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60