2019, Information Security, Insurance and IT - Information Management Today

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

JANUARY 14, 2019

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. 11 to the Ohio Revised Code. Ohio’s Act applies to licensees, defined as persons authorized, registered, or licensed under Ohio insurance laws, or required to be so.

Insurance

Insurance Security Cybersecurity Data breaches

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Security Affairs

MAY 1, 2020

Maze Ransomware operators claim to have gained access to the network of Banco BCR of Costa Rica and stolen 11 million credit card credentials. Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials.

Ransomware

Ransomware Encryption Insurance Data breaches

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Vertafore data breach exposed data of 27.7 million Texas drivers

Security Affairs

NOVEMBER 13, 2020

. “The files, which included driver information for licenses issued before February 2019, contained Texas driver license numbers, as well as names, dates of birth, addresses and vehicle registration histories. They did not contain any Social Security numbers or financial account information.

Data breaches

Data breaches Insurance Access Security

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. SEC Statement and Guidance on Public Company Cybersecurity Disclosures.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Video-sharing app TikTok agreed to a record $5.7 million (£4.2

Data breaches

Data breaches GDPR Passwords Personal data

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

The Last Watchdog

APRIL 3, 2019

I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. Users re-defined. Compliance matters. Talk more soon.

Digital transformation

Digital transformation Insurance Compliance Healthcare

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

IT Governance

NOVEMBER 20, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. For more information about the SEC cyber security disclosure rules, register for our free webinar on 30 November.) to its leak site.

Data Privacy

Data Privacy Privacy Data breaches Security

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. . According to a joint report published by RiskIQ and FlashPoint in 2019 , some groups are more advanced than others, in particular, the gang tracked as Group 4 appears to be very sophisticated. The malware was completely removed on November 11, 2019.

Data breaches

Data breaches Retail Cloud Insurance

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

1M compromised cards available for free in the underground market

Security Affairs

AUGUST 8, 2021

All material from 2018-2019. Figure 5 – Screenshot from Group-IB Threat Intelligence & Attribution system Nevertheless, according to Group-IB’s findings, despite the post author’s claim that the cards were compromised from 2018-2019, 97% of the records in the database are still valid. Valid at 3%.

Marketing

Marketing Sales IT Insurance

U.S. states pass data protection laws on the heels of the GDPR

Data Protection Report

JULY 9, 2018

These new and amended state data breach laws expand the definition of personal information and specifically mandate that certain information security requirements are implemented. On April 11, 2018, Arizona’s governor signed HB 2154 to amend the Arizona data breach notification law. Below are the key takeaways from U.S.

GDPR

GDPR Data breaches Personal data Insurance

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

Establish and Implement Proper Policies and Procedures: The orders against First American and Pearson highlight the importance of maintaining policies and procedures for the reporting of security incidents and patching as well as the proper training of personnel under these policies and procedures. s software.

Cybersecurity

Cybersecurity Marketing Risk Compliance

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

These cases have been a central part of post-9/11 privacy law. and perhaps even on the model clauses, although ultimate decisions on the merits may easily reach into 2019 or beyond. Carpenter argues that the government is required to receive a warrant under the Fourth Amendment for his location records. Safe Harbor.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing

Phishing Security Artificial Intelligence Security awareness

India’s Digital Future Is Bright

Thales Cloud Protection & Licensing

DECEMBER 23, 2019

According to the 2019 Thales Data Threat Report-India Edition , digital transformation is well underway in India, with 41% of Indian respondents saying they are either aggressively disrupting the markets they participate in or embedding digital capabilities that enable greater organizational agility.

Digital transformation

Digital transformation Cloud Encryption Data Privacy

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity

Cybersecurity Cloud Compliance Analytics

Information Management Today

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Trending Sources

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Vertafore data breach exposed data of 27.7 million Texas drivers

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

2019 end-of-year review part 1: January to June

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

US-based children’s clothing maker Hanna Andersson discloses a data breach

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

1M compromised cards available for free in the underground market

U.S. states pass data protection laws on the heels of the GDPR

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Privacy and Cybersecurity Top 10 for 2018

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

India’s Digital Future Is Bright

Top Cybersecurity Startups to Watch in 2022

Stay Connected