Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. Readers may recall that NYDFS’ cybersecurity regulation went into effect in March of 2017. NSC reported a second cybersecurity event to NYDFS on May 12, 2020.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

IT Governance

OCTOBER 11, 2018

Hello and welcome to the IT Governance podcast for Friday, 12 October. Amazon, Apple and Supermicro all categorically deny Bloomberg’s claims , and the UK’s NCSC and the US Department of Homeland Security both say they have no reason to doubt their statements. Here are this wee- actually, can we have a quick word about that theme tune?

Personal data 73

Personal data Manufacturing Data breaches Government 73

IT Governance

JANUARY 10, 2019

It’s long been a habit of journalists and online commentators to open the year with predictions about the coming months, but I don’t think there’s much value in that from an information security point of view. As ever, you can find all the information you need about the GDPR on our website. 123456789.

Data breaches 77

Data breaches Passwords GDPR Personal data 77

DLA Piper Privacy Matters

FEBRUARY 13, 2018

The long awaited new National Standards on Information Security Technology – Personal Information Security Specification GB/T 35273-2017 (“PI Specification”) has now been released, and will come into force on 1 May 2018. By Scott Thiel and Carolyn Bigg. Explicit consent (i.e.

Information Security 40

Information Security Compliance GDPR Big data 40

Hunton Privacy

APRIL 19, 2017

On April 12, 2017, the U.S. In addition, the risk analysis MCPN eventually conducted was deemed “insufficient to meet the requirements of the Security Rule.”. OCR Director Roger Severino stated that “Patients seeking health care trust that their providers will safeguard and protect their health information.

Risk 45

Risk Compliance Phishing Security 45

Security Affairs

MAY 23, 2019

During our analysis we constantly run into the tricks cyber-attackers use to bypass companies security defences, sometimes advanced, others not. The third one is related to binary payloads abusing code signature tricks to evade traditional security controls. Introduction. Technical Analysis. The Broken Doc. biz/js/Oj1/smile.doc”.

Security 79

Security Phishing Encryption IT 79

IT Governance

JULY 19, 2018

The ICO (Information Commissioner’s Office) has fined the IICSA (Independent Inquiry into Child Sexual Abuse) £200,000 for sending a bulk email that identified possible victims of historic sexual abuse – in breach of the Data Protection Act 1998. Until next time you can keep up with the latest information security news on our blog.

Data breaches 66

Data breaches Privacy Personal data Compliance 66

IT Governance

AUGUST 21, 2018

Looking more broadly than the retail sector for a moment, the ICO reports that there were a total of 957 data security incidents during the first quarter of 2018 (a 17% increase on Q3) and the World Economic Forum believes that cyber attacks are one of the top five risks to global stability in the next five years, so we all need to take heed.

Retail 66

Retail Data breaches GDPR Compliance 66

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Designing an Enterprise-Level Approach.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

Data Matters

AUGUST 19, 2020

The NYDFS Cybersecurity Regulation became effective in March 2017 and, beginning on February 15, 2019, required all NYDFS-regulated entities (Covered Entities), including First American, to annually certify compliance with the Regulation. limit user access privileges to information systems that provide access to NPI (23 NYCRR § 500.07).

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

ForAllSecure

APRIL 7, 2021

Welcome to the hacker mind and original podcast from for all secure, it's about challenging our expectations about the people who hack for a living. million InfoSec professionals, as of early 2021 How can that be part of the problem lies in the training pipeline, we really have to do a much better job with that.

Cybersecurity 40

Cybersecurity Information Security IT Security 40

ForAllSecure

APRIL 7, 2021

Welcome to the hacker mind and original podcast from for all secure, it's about challenging our expectations about the people who hack for a living. million InfoSec professionals, as of early 2021 How can that be part of the problem lies in the training pipeline, we really have to do a much better job with that.

Cybersecurity 40

Cybersecurity Information Security IT Security 40

ForAllSecure

AUGUST 14, 2019

The CyberWire Daily podcast delivers the day's cyber security news into a concise format. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. It's time to build your security the same way.

Cloud 52

Cloud Energy and Utilities Security Access 52

ForAllSecure

AUGUST 14, 2019

The CyberWire Daily podcast delivers the day's cyber security news into a concise format. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. It's time to build your security the same way.

Cloud 40

Cloud Energy and Utilities Security Access 40

ForAllSecure

AUGUST 14, 2019

The CyberWire Daily podcast delivers the day's cyber security news into a concise format. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. It's time to build your security the same way.

Cloud 40

Cloud Energy and Utilities Security Access 40

ForAllSecure

JANUARY 15, 2021

Listen to EP 12: Hacking Healthcare. Microsoft, for example, stopped patching Windows XP for security vulnerabilities in 2014. I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic.

IT 52

IT Manufacturing Government Paper 52

ForAllSecure

JANUARY 15, 2021

Listen to EP 12: Hacking Healthcare. Microsoft, for example, stopped patching Windows XP for security vulnerabilities in 2014. I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic.

IT 52

IT Manufacturing Government Paper 52