GDPR, Insurance and Security - Information Management Today

British Airways GDPR Lawsuit: The Potential Impact

Data Breach Today

JANUARY 19, 2021

A Substantial Settlement Could Build Data Security Momentum British Airways could face a substantial compensation payout as a result of an ongoing group lawsuit over its 2018 data breach, the first of its kind under GDPR.

GDPR

GDPR Insurance Data breaches Security

Why Cyber Insurance is Essential in 2022

IT Governance

MAY 24, 2022

Organisations must always look for cost-effective ways to address the cyber security risks they face. With more than 1,200 publicly disclosed data breaches last year , and organisations spending almost £3 million on average responding to security incidents , effective risk management is a top priority. The benefits of cyber insurance.

Insurance

Insurance Data breaches GDPR Ransomware

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Data Protection Report

MARCH 21, 2023

The French Information and Digital Security Experts Club ( CESIN ) has estimated that 54% of French companies were subject to cyberattacks in 2021, [1] while France Assureurs has put cyberattack risks on top of all other risks for the sixth year in a row. [2] 12-10-1 into the French Insurance code. However, in the end, Article L.12-10-1

Insurance

Insurance Data breaches Personal data GDPR

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

How Much Cyber Liability Insurance Do You Need?

IT Governance

AUGUST 23, 2022

Cyber liability insurance helps organisations cover the financial costs of a data breach. Without insurance, organisations spend £3.6 million on average recovering from security incidents. By purchasing cyber liability insurance, organisations gain the resources they need at a fraction of the cost.

Insurance

Insurance Data breaches e-Delivery Risk

CIAM in insurance: A unified, secure user experience with a single login

Thales Cloud Protection & Licensing

MAY 26, 2023

CIAM in insurance: A unified, secure user experience with a single login madhav Fri, 05/26/2023 - 07:33 In recent years, the insurance industry has transformed from a singularly focused entity to a multi-brand or multi-service type of business. Adding value to the user experience (a top priority for 59% of insurers) 2.

Insurance

Insurance Digital transformation Security Authentication

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

IT Governance

AUGUST 25, 2022

Lloyd’s of London has announced that its insurance policies will no longer cover losses resulting from certain nation-state cyber attacks or acts of war. In a memo sent to the organisation’s insurance syndicates , Underwriting Director Tony Chaudhry said that Lloyd’s remains “strongly supportive” of policies that cover cyber attacks.

Insurance

Insurance IT Government Risk

EUROPE: Are GDPR fines insurable in the countries where you operate?

DLA Piper Privacy Matters

MAY 17, 2018

DLA Piper and Aon have launched a guide ‘ The price of data security ‘, ahead of the General Data Protection Regulation (GDPR), effective from 25 May 2018. The guide reviews the insurability of GDPR fines across Europe, which can reach up to €20 million or, if higher, up to 4% of a group’s annual global turnover.

Insurance

Insurance GDPR Data breaches Personal data

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

I had the chance at RSA 2019 to visit with George Wrenn, founder and CEO of CyberSaint Security , a cybersecurity software firm that plays directly in this space. The CSF’s core principles have been incorporated into Europe’s GDPR , NYDFS’s cybersecurity requirement s, California’s Consumer Privacy Act and Ohio’s Data Protection Act.

Cybersecurity

Cybersecurity Insurance Security Privacy

What Is Information Security Management?

IT Governance

FEBRUARY 22, 2022

Information security management is a way of protecting an organisation’s sensitive data from threats and vulnerabilities. The process is typically embedded via an ISMS (information security management system) , which provides the framework for managing information security. Why is information security management important?

Information Security

Information Security Security Data breaches Risk

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Compliance Privacy Data Privacy

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

Hunton Privacy

OCTOBER 25, 2022

million fine to Interserve Group Limited for failing to keep employee personal data secure, which violates Article 5(1)(f) and Article 32 of the EU General Data Protection Regulation (“GDPR”), during the period of March 2019 to December 2020. On October 24, 2022, the UK Information Commissioner’s Office (“ICO”) issued a £4.4

Security

Security Personal data GDPR Insurance

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. As you would expect, larger organisations were more likely to be aware of the GDPR. Preparing for the GDPR. The survey split respondents into businesses and charities.

GDPR

GDPR Compliance Insurance Personal data

How to manage the growing costs of cyber security

IT Governance

SEPTEMBER 1, 2021

Cyber security is becoming an expensive endeavour for organisations – and in many cases, the costs are so high that they can’t deal with threats appropriately. However, it’s one thing to want to invest in cyber security, but something else entirely to set aside the budget to do so. What is cyber security as a service?

Security

Security GDPR Cloud Insurance

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. Growth has definitely been robust.

Compliance

Compliance Security Cybersecurity Marketing

Patch your vulnerabilities now or risk punishment under the GDPR

IT Governance

JANUARY 19, 2018

In the wake of the Meltdown and Spectre flaws revealed on 3 January 2018, the Information Commissioner’s Office (ICO) has warned that existing vulnerabilities could lead to punishment when the EU General Data Protection Regulation (GDPR) is enforced. Secure configuration. Retroactive punishment. These controls are: Patch management.

GDPR

GDPR Risk Insurance Government

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). Are your staff aware of the GDPR? Don’t let your staff be your downfall.

GDPR

GDPR Government Education Compliance

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. They accessed 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

OCTOBER 29, 2018

The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. The FTC considers that ‘reasonable security’ doesn’t mean ‘perfect security.’ Equifax was not special in this regard. Reduced penalties.

Security

Security Data Privacy Privacy Data breaches

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors.

GDPR

GDPR Personal data Data collection Marketing

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. In recent years, costly breaches and evolving data security concerns have bubbled up to a board level agenda item. Data privacy is not a check-the-box compliance or security item. The problem is not limited to the requirements of GDPR.

Data Privacy

Data Privacy Privacy Security Encryption

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. The GDPR concerns personal data that is: Collected in an enterprise context; and. Some began to lose faith.

GDPR

GDPR Compliance Personal data Data breaches

How Defence in Depth Can Help Organisations Tackle Complex Cyber Security Risks

IT Governance

SEPTEMBER 13, 2022

It’s why many experts recommend taking a defence-in-depth approach to cyber security. . The basis of all cyber security defence programmes is threat detection. This approach identifies security vulnerabilities in computers, internal and external networks, and communications equipment. Stage 1: Detection. Stage 2: Protection.

Risk

Risk Security Data breaches Phishing

How to Manage Your Cyber Risks

IT Governance

OCTOBER 11, 2022

One of the most common mistakes that organisations make when addressing cyber security is that they consider it a one-off event. This process should be embedded within your overall cyber security measures in what experts refer to as cyber defence in depth. What is threat management?

Risk

Risk GDPR Information Security Personal data

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

Far-reaching regulations like Europe’s GDPR levy steep fines on organizations that fail to safeguard sensitive information. Learn how organizations can use IBM Guardium® Data Protection software to monitor data wherever it is and enforce security policies in near real time.

Data Privacy

Data Privacy Privacy GDPR Personal data

ICO issue fine of £4.4 to Interserve for security failings

DLA Piper Privacy Matters

OCTOBER 25, 2022

for violations of the GDPR (the violations were pre-Brexit). The ICO found that Interserve had failed to put appropriate technical and organisational measures in place to secure personal data (in contravention of Articles 5(1)(f) and 32 GDPR) for a period of ~20 months. The Incident.

Security

Security GDPR Personal data Insurance

RSA Conference 2023: Meet Thales Where the World Talks Security!

Thales Cloud Protection & Licensing

APRIL 18, 2023

RSA Conference 2023: Meet Thales Where the World Talks Security! Meet us at Booth #N-5369 for demonstrations on data security, customer and workforce identity, and post quantum cryptography – just to name a few. Security teams must build quantum resilience today to protect their business from emerging risks.

Security

Security Digital transformation Privacy Cybersecurity

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

GDPR: It’s Christmas – A time of good FEAR!

CGI

DECEMBER 19, 2017

GDPR: It’s Christmas – A time of good FEAR! The biggest regulatory driver in 2018 will be the introduction of the General Data Protection Regulation (GDPR) in May. But smaller companies don’t seem to have gotten to grips with what they need to do to comply with GDPR. Tue, 12/19/2017 - 14:18. That’s a concern.

GDPR

GDPR Insurance Risk Privacy

Italy: Privacy law integrating the GDPR adopted, what to do?

DLA Piper Privacy Matters

MAY 14, 2018

The Italian privacy law integrating the GDPR has been finalized by the Board of Ministers, unveiling unexpected surprises a few days before the 25th of May 2018. Below are my top 5 derogations to the GDPR provided by the Italian privacy law: 1. Criminal sanctions for privacy breaches confirmed.

GDPR

GDPR Privacy Systems administration Compliance

GDPR may serve as model for future laws

Information Management Resources

OCTOBER 3, 2018

Because the GDPR requires an opt-in system, insurers must request, receive, and capture customer consent in a secure, referrable way.

GDPR

GDPR Insurance Security

CIPL and AvePoint Release Global GDPR Readiness Report

Hunton Privacy

NOVEMBER 10, 2016

On November 9, 2016, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP and AvePoint released the results of a joint global survey launched in May 2016 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Data Privacy Compliance Privacy

Police Scotland needs to invest millions in cyber security

IT Governance

JUNE 28, 2018

The Scottish Public Sector Cyber Resilience Framework aims to improve cyber security practices and promote cyber resilience in Scottish-based public-sector organisations. One of the best ways for organisations to ensure they are following cyber security best practices is to certify to the UK government’s Cyber Essentials scheme.

Security

Security GDPR Insurance Government

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

Data Protection Report

JULY 8, 2019

The issue giving rise to the financial penalty was a security breach relating to the company’s website notified by a user to the CNIL on 12 August 2018. According to SERGIC, the website’s security breach could have impacted around 29,440 users.

GDPR

GDPR Personal data Compliance Security

Insurers’ role will be critical in improving cybersecurity standards

CGI

AUGUST 31, 2016

Insurers’ role will be critical in improving cybersecurity standards. Cyber insurance can be obtained to cover such costs as crisis management, media management, incident management, technical remediation, legal fees, call management, data subject notification, breach investigation and many other losses resulting from a cyber-attack.

Insurance

Insurance Cybersecurity Risk Marketing

Written IT Security Policies: Why You Need Them & How to Create Them

eSecurity Planet

MARCH 18, 2022

Many security professionals think that if they have done the hard work of securing their organization, that should be enough. Even though drafting IT security policies can be a pain, formal policies provide a valuable resource to protect both the IT team and their organization. Written security policies.

IT

IT Compliance Security Access

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated. data subjects, using the GDPR terminology) located within India.

Personal data

Personal data GDPR Data breaches Compliance

Keeping Up with New Data Protection Regulations

erwin

APRIL 11, 2019

Keeping up with new data protection regulations can be difficult, and the latest – the General Data Protection Regulation (GDPR) – isn’t the only new data protection regulation organizations should be aware of. Less than four months before GDPR came into effect, only 6 percent of enterprises claimed they were prepared for it.

GDPR

GDPR e-Discovery Compliance Metadata

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. law, consumers and the marketplace have been comfortable with to date.

GDPR

GDPR Privacy Sales Data breaches

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

DLA Piper Privacy Matters

FEBRUARY 7, 2019

Given the potential financial exposure under GDPR, it is no surprise that a great deal of time is being spent working out how to allocate the risk and liability when negotiating commercial contracts. Before we look at limiting liability, we need to first consider how liability can arise in the first place in the context of GDPR.

GDPR

GDPR Risk Data breaches Personal data

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI?MANLIK. Inova is an actuarial consultancy company, which means they compile statistical analysis and calculate insurance risks and premiums.

Data breaches

Data breaches Insurance Paper Access

Automating Security Risk Assessments for Better Protection

eSecurity Planet

JANUARY 12, 2021

Protecting your organization from IT security risks is an ongoing, fluid task. Proactively identifying, mitigating and remediating security threats is one of the biggest challenges today’s global businesses face. Components of Security Risk Assessments. Cybersecurity preparedness/ insurance. Endpoint protection.

Risk

Risk Security Cybersecurity Compliance

U.S. states pass data protection laws on the heels of the GDPR

Data Protection Report

JULY 9, 2018

states have recently introduced and passed legislation to expand data breach notification rules and to mirror some of the protections provided by Europe’s newly enacted General Data Protection Regulation (“GDPR”). See our previous blog posts on GDPR here and here. On the security front, as of March 2018, all 50 U.S. Several U.S.

GDPR

GDPR Data breaches Personal data Insurance

British Airways GDPR Lawsuit: The Potential Impact

Why Cyber Insurance is Essential in 2022

Webinars

Trending Sources

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Webinars

How Much Cyber Liability Insurance Do You Need?

CIAM in insurance: A unified, secure user experience with a single login

Security Compliance & Data Privacy Regulations

A guide to the GDPR for insurance companies

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

EUROPE: Are GDPR fines insurable in the countries where you operate?

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

What Is Information Security Management?

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

62% of organisations unaware of the GDPR

How to manage the growing costs of cyber security

Automated Security and Compliance Attracts Venture Investors

Patch your vulnerabilities now or risk punishment under the GDPR

Government survey reveals GDPR awareness is falling short

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Wake up to the reality of the GDPR: What you need to know about compliance

How Defence in Depth Can Help Organisations Tackle Complex Cyber Security Risks

How to Manage Your Cyber Risks

Data privacy examples

ICO issue fine of £4.4 to Interserve for security failings

RSA Conference 2023: Meet Thales Where the World Talks Security!

GDPR – The Year in Review

GDPR: It’s Christmas – A time of good FEAR!

Italy: Privacy law integrating the GDPR adopted, what to do?

GDPR may serve as model for future laws

CIPL and AvePoint Release Global GDPR Readiness Report

Police Scotland needs to invest millions in cyber security

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

Insurers’ role will be critical in improving cybersecurity standards

Written IT Security Policies: Why You Need Them & How to Create Them

India: New Digital Personal Data Protection Act, Start Planning Now.

Keeping Up with New Data Protection Regulations

California Enacts Broad Privacy Laws Modeled on GDPR

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

Data Breach: Turkish legal advising company exposed over 15,000 clients

Automating Security Risk Assessments for Better Protection

U.S. states pass data protection laws on the heels of the GDPR

Stay Connected