The importance of data quality in Financial Services


Financial services are highly regulated and maintain a strong focus on compliance and risk management. Considering that major financial organizations handle enormous amounts of data today, they require data accuracy and integrity at all times to minimize risks.

New York Department of Financial Services Released New Guidance Addressing COVID-19 Related Cybersecurity Risks

HL Chronicle of Data Protection

Continuing its focus on COVID-19’s impact on its regulated entities, on April 13, the New York Department of Financial Services (NYDFS) released new cybersecurity guidance in response to the COVID-19 pandemic.


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. This includes not only recruitment of those with cybersecurity experience and skills but a commitment by insurers to these employees’ training and development so as to “properly understand and evaluate cyber risk.”. The post New York Department of Financial Services Issues First Guidance by a U.S.

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Finally, risk assessments should also inform regular cybersecurity awareness training for all personnel.

NY Department of Financial Services Issues Guidance to Regulated Entities Regarding Cybersecurity During the COVID-19 Pandemic

Hunton Privacy

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

NYDFS 500: Why the Regulation?

Perficient Data & Analytics

Previously, I discussed data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. Audit Trail: Securely maintain systems that (1) are designed to reconstruct material financial transactions sufficient to support normal operations and obligations of the covered entity; and (2) include audit trails designed to detect and respond to harmful cybersecurity events.

Artificial Intelligence Is Set to Rewrite the Rules of Insurance


The last thing an insurer wants to do is put the customer on hold while a service representative sifts through history files. Financial Services Training & Awareness artificial intelligence insurance claims insurance industry machine learningFew industries stand to gain as much by adopting artificial intelligence as insurance.

AllianceBernstein’s Mobile App Empowers Sales Teams in Real Time

Perficient Data & Analytics

The solution required no user training, yet is being used to support complex seller/client relationships and complex product sales in a highly competitive environment. . Cloud Data & Analytics Development Financial Services Integration & IT Modernization MicroStrategy Mobile Salesforce alliancebernstein dreamforce field sales Sales sales app salesforce simonHow to Best Enable On-the-Go Sellers.

Sales 41

How Microsoft Word “Protected View” Stops Information Leaks

Perficient Data & Analytics

Unfortunately, this also trains the user to click the “Enable Editing” button if he or she simply wants to view the complete document, and it is at that moment that a potential attack can succeed. Make sure you use two-factor authentication for all services that offer them. Never re-use passwords across services. Microsoft Word has long offered support for loading images and templates over the network.

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions


In the early days I worked in data transformation for data into banks through digital printing – amazing that I trained to do all these elaborate hand-crafted books and ended up doing cheque books! Uncategorized B Compliance & GDPR B Consumer 360 B Customer 360 B Digital Transformation B Financial Services & Insurance B Healthcare B High-Tech & Manufacturing B IT B Business B Life Sciences B Machine Learning B Patient & Member 360 B Retail & CPG

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies. Train employees : Licensees must provide security awareness training to employees.

#ModernDataMasters: Steve Whiting, Chief Operations Officer


I was trained in Oracle relational databases and GUI tools to deliver group-wide Banking Systems. Service-based business & technology enablers such as IaaS / IPaaS (Integration as a Service), DQaaS (Data Quality as a Service), DMaaS (Data Migration as a Service) etc. For example, look at Lyft’s IPO – they see a future where you no longer need to own a product to enjoy its benefits and where users simply leverage a comparative service instead.

MDM 40

Linux Foundation expands open source certification program

Information Management Resources

It has seen massive acceptance in almost every sector, including financial services, government, education and even film production. Hardware and software Training Career advancement Online learningLinux is the largest and most pervasive open source software project in the history of computing.

New York State imposes a $1.5 million penalty in cybersecurity breach case

Data Protection Report

On March 3, 2021, the New York Department of Financial Services (NYDFS) announced a Consent Order with a NYDFS-licensed Maine-based mortgage banker and loan servicer settling alleged violations of the NYDFS cybersecurity regulations. (

How organizations are navigating the COVID-19 pandemic


One executive from a major financial institution discussed how access, flexibility and connection all play a major role in how her organization continues to adapt to the pandemic and, ultimately, the new normal.

Executive Exchange “Round Up” – Rethinking How We Work


Bill Meaney, our CEO and President, spoke candidly about our global response to the pandemic – steps put in place to continue to service our customers as well as developing new solutions, such as digital mailrooms, while keeping our employees safe.

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The Last Watchdog

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. However, in the financial services industry, LFI attacks were the number one web application attack type in 2020 at 52 percent, with SQLi at 33 percent and Cross-Site Scripting at 9 percent. Criminals even offer training to those who are new.

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

Related: Why diversity in training is a good thing. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity. Rudimentary training in which employees are required to periodically sit through a mandatory lecture on the dangers of phishing simply are cutting it in this environment, and more organizations, like the Swiss bank, are coming to that realization.

NEW TECH: Security Compass streamlines the insertion of security best practices into DevOps

The Last Watchdog

Over the years processes, training and tooling to account for data privacy and data integrity have been woven in, driven by data breach lawsuits and the rise of data handling regulations. LW provides consulting services to the vendors we cover.).

MY TAKE: Why companies and consumers must collaborate to stop the plundering of IoT systems

The Last Watchdog

IoT devices help remotely control our household appliances, power plants, smart buildings, factories, airports, shipyards, trucks, trains and military. Mirai ultimately was used to carry out massive Distributed Denial of Service (DDoS) attacks.

IoT 182

NYDFS Issues Ransomware Guidance Outlining Expected Security Controls

Hunton Privacy

On June 30, 2021, the New York State Department of Financial Services (“NYDFS,” the “Department”) issued guidance to all New York state regulated entities on ransomware (the “Guidance”), identifying controls it expects regulated companies to implement whenever possible.

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection. One might assume top-tier financial services firms and healthcare vendors would have solved third-party cyber exposures by now.

Risk 129

SHARED INTEL: ‘Credential stuffers’ leverage enduring flaws to prey on video game industry

The Last Watchdog

When you have a victim that came from a phishing attack on the financial services industry for example, and then later you obtain that victim’s gaming details, if there is a match on email addresses, username, address, etc. This is in addition to implementation costs and upkeep, as well as training. You get an email, click the link, and you’re able to access the application or service.

How Long Should I Keep This Business Record For?


Too often I hear one of two, equally bad answers: Keep Records for Seven years: This seems to be the de facto answer, especially for financial services records. Internal Revenue Service rules around when they can audit individual and corporate tax returns.

Combat the increasing ransomware threat by educating employees

IT Governance

Healthcare was the most affected industry (76%) and financial services the least (45%). End users – and human error – is so often the weakest link in your security, but well-trained users can be your strongest asset.” Have you provided ransomware training? Staff awareness training can often be overlooked, but even basic training has the potential to prevent future security incidents.

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

The Order alleges that this vulnerability exposed over 800 million images dating back to 2003, including sensitive personal data, such as Social Security numbers and financial information. Train Information Security Personnel to Follow Policies and Procedures Concerning the Disclosure of Material Issues: The Order alleges that First American’s CISO and CIO failed to inform the company’s senior executives of their prior knowledge of the vulnerability.

Risk 64

Change Management: Enterprise Architecture for Managing Change


Even industries historically resistant to it, such as financial services and healthcare, are now transforming proactively and at a rapid rate.

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals.

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. Training and monitoring materials.

4 Ways to Get a Successful Start in Artificial Intelligence

Perficient Data & Analytics

First, you need to understand the value, natural progression, and logical order to training AI platforms. Then, you can leverage economies of scale if you train efficiently. Train Efficiently. Deploying an AI solution typically follows a natural progression, similar to training a new hire. Your users can benefit from economies of scale by identifying the areas of expertise and the order in which to train your AI system on those areas.

NEW TECH: Cequence Security’s new ‘API Sentinel’ helps identify, mitigate API exposures

The Last Watchdog

Related: Defending botnet-driven business logic hacks APIs made possible the astounding cloud, mobile and IoT services we have today. APIs come into play again, when each new business and consumer app is put into service. A great example of this, Keil points out, is the Open Financial Exchange ( OFX , ) the data-stream format that enables wire transfers to be carried out across the Internet. OFX is the financial service industry’s standard for transferring funds,” he says.

Report shows increase in social engineering

IT Governance

The report found that about 55% of social media attacks that impersonated customer-support accounts specifically targeted the customers of financial services companies. It is now more important than ever to train your staff on the risks of phishing attacks. Proofpoint’s The Human Factor 2018 Report revealed that over the past year, cyber criminals have continued to increase their use of social engineering, building up the number of attacks that rely on human interaction.

The Importance of EA/BP for Mergers and Acquisitions


Knowledge retention and training has become a pivotal area in which businesses will either succeed or fail. Industry-specific regulations in areas like healthcare, pharmaceuticals and financial services have been in place for some time. In highly regulated industries like financial services and pharmaceuticals, where mergers and acquisitions activity is frequent, identifying and standardizing business processes meets the scrutiny of regulatory compliance.

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

DLA Piper Privacy Matters

The DPC recommends that organisations: undertake periodic reviews of their IT security measures; implement a comprehensive training plan for employees; and. support with refresher training and awareness programmes. Financial Services Sector Focus.


Who’s Behind the ‘Web Listings’ Mail Scam?

Krebs on Security

after receiving what looked like a bill for search engine optimization (SEO) services rendered on behalf of their domain names. The missives appear to be an $85 bill for an “annual search engine listing” service. 2019 a director in HMGT Services Ltd.

Sales 200

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

The Cybersecurity Guidance is set forth in three parts: Tips for Hiring a Service Provider , directed toward plan sponsors and fiduciaries. Cybersecurity Program Best Practices (Best Practices), directed at recordkeepers and other service providers responsible for plan-related IT systems and data as well as plan fiduciaries evaluating service providers’ cybersecurity programs. Obligations of Service Providers Responsible for Plan-Related IT Systems and Data.

A major cyber attack is a matter of when, not if

IT Governance

A C1 attack is one that might cripple infrastructure such as energy supplies and the financial services sector. Steve Malone, director of security product management at Mimecast, said: “Despite the educational efforts of security companies and government so far, it’s clear that organisations need more support and training fast.”.

NYDFS Files First Cybersecurity Enforcement Action

Hunton Privacy

On Wednesday, July 22, the New York Department of Financial Services (the “NYDFS”) announced that it had filed administrative charges against First American Title Insurance Co. b): The requirement to provide regular cybersecurity awareness training for all personnel as part of the covered entity’s cybersecurity program, and to update such training to reflect risks identified by the covered entity in its risk assessment.

How Your Company Can Prevent a Cyberattack

Adam Levin

There is a critical mass of options out there for cybersecurity employee training, online and otherwise. They may offer continuous training programs to help thwart phishing attacks and malware infections. Other companies offer training courses as part of the onboarding process, and it should go without saying that at this point in the story arc of cyber insecurity, any enterprise that doesn’t secure employee devices during the onboarding process is courting disaster.

Laserfiche Wins Gold in Best in Biz Awards 2017

Document Imaging Report

With customers in nearly every industry including government, education, financial services, manufacturing and health care, Laserfiche offers solutions tailored to organizations’ needs, and the expertise and personalized service that drive customer success. Laserfiche also provides in-person and online training, and educational and support resources such as user groups, workshops and webinars throughout the year.