2018, Information Security, Insurance and IT - Information Management Today

2018

Information Security

Insurance

NYDFS Cybersecurity Regulations: First Annual Compliance Certification Due February 15, 2018

Data Matters

FEBRUARY 7, 2018

Companies that are subject to New York’s Cybersecurity Regulation are moving quickly to finalize their compliance obligations under the Cybersecurity Regulation, as the second “due date” quickly approaches – February 15, 2018. They also became obligated to report cybersecurity events to the NYDFS. .

Compliance

Compliance Cybersecurity Information Security Privacy

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

Trending Sources

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

IT Governance

NOVEMBER 6, 2023

According to the security company Resecurity , which discovered the listing, the data included victims’ name, age, gender, address, passport number and Aadhaar number (a 12-digit government identification number). It secured its systems, notified law enforcement and began investigating the incident.

Data Privacy

Data Privacy Privacy Security Libraries

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

How are the EU member states progressing in their implementation of the NIS Directive?

IT Governance

APRIL 10, 2019

On 6 July 2016, the EU officially adopted the NIS Directive (Directive on security of network and information systems) and gave each EU member state just under two years to implement its requirements into national law. Implementation status : Transposed, as the Cyber Security Act (94/2018). 360 of 2018.

Compliance

Compliance Information Security Government Insurance

Tens of Million patients impacted by the AMCA data breach

Security Affairs

JUNE 5, 2019

Securities and Exchange Commission (SEC) Quest revealed that the attackers broke into the web payment portal of the American Medical Collection Agency between August 1, 2018 and March 30, 2019. The security breach has impacted roughly 12 million of Quest Diagnostics ‘ patients and roughly 7.7 of LabCorp patients.

Data breaches

Data breaches Insurance Sales Security

Scanning for Flaws, Scoring for Security

Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? the security posture of vendor partners). Image: US Chamber of Commerce.

Security

Security Energy and Utilities Risk Data breaches

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). This is a worrisome finding, as it is only a matter of months until the new Regulation is enforced.

GDPR

GDPR Government Education Compliance

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

IT Governance

NOVEMBER 20, 2023

According to databreaches.net , the group exfiltrated tenant information, service management information, financial data, business data, property data, employee data and sensitive business information. For more information about the SEC cyber security disclosure rules, register for our free webinar on 30 November.)

Data Privacy

Data Privacy Privacy Data breaches Security

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

1M compromised cards available for free in the underground market

Security Affairs

AUGUST 8, 2021

All material from 2018-2019. Figure 5 – Screenshot from Group-IB Threat Intelligence & Attribution system Nevertheless, according to Group-IB’s findings, despite the post author’s claim that the cards were compromised from 2018-2019, 97% of the records in the database are still valid. Valid at 3%.

Marketing

Marketing Sales IT Insurance

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

For example, SEC guidance from 2018 emphasizes that there is a range of factors that may affect whether an incident should be disclosed to investors beyond the bottom-line financial costs to respond to the incident. Public Companies and Service Providers. Public companies currently must disclose material cybersecurity incidents. s software.

Cybersecurity

Cybersecurity Marketing Risk Compliance

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

Meanwhile, you can subscribe to our Weekly Round-up to receive the latest cyber security news and advice delivered straight to your inbox. IT Governance is dedicated to helping organisations tackle the threat of cyber crime and other information security weaknesses.

Data breaches

Data breaches Insurance Personal data Ransomware

FTC Hosts Workshop on Informational Injury

Hunton Privacy

DECEMBER 15, 2017

On December 12, 2017, the Federal Trade Commission hosted a workshop on informational injury in Washington, D.C. Some panelists stated it should occur if the information is sensitive, while others noted over-enforcement can be a deterrent to new technologies. For instance, it can look at social harms in ways that courts cannot.

Privacy

Privacy Risk Retail Insurance

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Related: ‘Cyber Pearl Harbor’ happens every day Some 15 months earlier, in March 2018, Atlanta was hit by a similar assault, and likewise refused to pay a $51,000 ransom, eating $17 million in damage. “All we know is MONEY! Tik Tak, Tik Tak, Tik Tak!” The attackers demanded $76,000, paid in Bitcoin, for a decryption key.

Ransomware

Ransomware Access Cybersecurity Insurance

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

* This article first appeared in In-House Defense Quarterly on April 3, 2018. Information security is not yet a science; outside of the handful of issues falling under the field of cryptography, there is no formalized system of classification. Its prescription can be understood as an enterprise-level, targeted guidance approach.

Cybersecurity

Cybersecurity Risk Passwords Authentication

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

KnowBe4

MAY 31, 2023

The next layer in your defense should be a user that's properly educated using security awareness training to easily identify financial fraud and other phishing-based threats, stopping them before they do actual damage. link] Cyber Insurance: Is Paying a Ransom Counter-Productive? By Jacqueline Jayne.

Phishing

Phishing File names Security awareness Risk

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity

Cybersecurity Cloud Compliance Analytics

NYDFS Cybersecurity Regulations: First Annual Compliance Certification Due February 15, 2018

NYDFS settles cybersecurity regulation matter for $3 million

Webinars

Trending Sources

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

Webinars

How are the EU member states progressing in their implementation of the NIS Directive?

Tens of Million patients impacted by the AMCA data breach

Scanning for Flaws, Scoring for Security

Government survey reveals GDPR awareness is falling short

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

1M compromised cards available for free in the underground market

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

List of Data Breaches and Cyber Attacks in 2023

FTC Hosts Workshop on Informational Injury

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

An Approach to Cybersecurity Risk Oversight for Corporate Directors

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

Top Cybersecurity Startups to Watch in 2022

Stay Connected