IT Governance

MAY 16, 2019

There are 46 standards in total in the series (although only a few apply to every organisation), of which ISO 27005 , the risk management standard, is arguably the most important and easiest to get wrong. What is risk management? Assessing these risks helps inform your decision about the best way to reduce risk to an acceptable level.

Risk 51

Risk Information Security Insurance Security 51

DLA Piper Privacy Matters

DECEMBER 7, 2017

Two recent developments in the United Kingdom highlight the growing risk of privacy litigation and “group actions” which is likely to further increase following the enactment of the General Data Protection Regulation (“ GDPR “) in May 2018. Various Claimants v Wm Morrisons Supermarket PLC [2017] 3113.

Risk 40

Risk Privacy GDPR Data breaches 40

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 66

Financial Services Cybersecurity Insurance Risk 66

The Last Watchdog

APRIL 18, 2019

Imposing just the right touch of policies and procedures towards mitigating cyber risks is a core challenge facing any company caught up in digital transformation. Related: Data breaches fuel fledgling cyber insurance market. Enterprises, especially, tend to be methodical and plodding. Here are the key takeaways: Blistering pace.

Security 113

Security Digital transformation Risk Cloud 113

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. This post summarizes the highlights from this meeting. Department of the Treasury and the Office of the U.S.

Insurance 66

Insurance Blockchain Big data Risk 66

Data Protection Report

AUGUST 3, 2017

On August 1, 2017, US Senators unveiled a bipartisan bill to mandate baseline cybersecurity requirements for internet connected devices purchased by the federal government. Norton Rose Fulbright has been shortlisted for ‘Cyber law firm of the year’ at the Insurance Insider Cyber Ranking Awards 2017.

IoT 40

IoT Cybersecurity Insurance Marketing 40

Data Matters

AUGUST 27, 2018

Looking ahead, Covered Entities will be required to meet one final compliance deadline for the NYDFS on March 1, 2019. The NYDFS Cybersecurity Regulation (published at 23 NYCRR 500.01) sets forth the minimum requirements for NYDFS-regulated entities to address cybersecurity risks.

Cybersecurity 60

Cybersecurity Compliance Encryption Risk 60

DLA Piper Privacy Matters

NOVEMBER 6, 2019

According to the Berlin DPA the affected data included information about the personal and financial circumstances of tenants, such as payslips, self-disclosure forms, extracts from employment and training contracts, tax data, social security and health insurance data and bank statements. The risks of “data cemeteries”.

GDPR 98

GDPR Personal data Archiving Compliance 98

Hunton Privacy

JULY 11, 2017

On July 10, 2017, the Cyberspace Administration of China published a new draft of its Regulations on Protecting the Security of Key Information Infrastructure (the “Draft Regulations”), and invited comment from the general public. The Draft Regulations will remain open for comment through August 10, 2017. This post has been updated. .

Energy and Utilities 45

Energy and Utilities Security Cybersecurity Manufacturing 45

ARMA International

FEBRUARY 21, 2020

A company in Wisconsin had a “chipping party” in 2017 to implant microchips in some of its employees to make it easier for them to access the buildings and systems and to buy food in the company break room. [1]. Benefits and Risks. Each type of IoB device brings with it benefits and risks. August 1, 2017. [2]. Forbes.com.

Computer and Electronics 106

Computer and Electronics Privacy Artificial Intelligence IoT 106

HL Chronicle of Data Protection

MARCH 14, 2019

Periodic risk assessments. The Safeguards Rule allows FIs to take a risk-based approach to developing its ISP. Risk assessments under the proposed Rule will need to be written and include certain content, such as the criteria FIs use to evaluate and categorize identified security risks or threats.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

CGI

JANUARY 12, 2017

Fri, 01/13/2017 - 00:36. CGI conducted a survey in 2016 to help gauge this impact, reaching out to bank consumers to explore their expectations and assess how banks can better compete with FinTechs in meeting those expectations. IoT-based auto insurance pricing. Finally, many consumers are simply risk averse.

Financial Services 40

Financial Services IoT Risk Insurance 40

CGI

JANUARY 12, 2017

Fri, 01/13/2017 - 01:45. This last blog shares some key recommendations for both banks and FinTechs as they compete to meet evolving consumer expectations and position themselves for growth. Maximize proof-of-concepts/pilots while minimizing customer risk: It’s unwise for a traditional bank to just “slap on” a new FinTech service.

Financial Services 40

Financial Services Education Marketing Risk 40

Hunton Privacy

DECEMBER 15, 2017

On December 12, 2017, the Federal Trade Commission hosted a workshop on informational injury in Washington, D.C. Later in the afternoon, the discussion turned to business and consumer perspectives on the benefits, costs and risks of collecting and sharing data.

Privacy 42

Privacy Risk Retail Insurance 42

Data Matters

NOVEMBER 5, 2018

Like its 2017 predecessor, “Automated Driving Systems 2.0: prioritize safety by addressing potential risks to advance the “life-saving potential of automation, which will strengthen public confidence in these emerging technologies”. A Vision for Safety,” AV 3.0 In particular, AV 3.0 emphasizes that DOT will. Of particular note, AV 3.0

Cybersecurity 84

Cybersecurity Government Communications Privacy 84

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

Pursuant to several provisions of the French Code Monétaire et Financier , entities from the banking and financial sector are required to implement processes and strategies to detect, measure and manage operational risks within their group (on a consolidated basis). Parent companies of financing companies.

Personal data 40

Personal data Financial Services Risk Insurance 40

Data Matters

APRIL 23, 2018

More and more, directors are viewing cyber-risk under the broader umbrella of corporate strategy and searching for ways to help mitigate that risk. Despite the plethora of cyber-risk guidance that has surfaced in recent years, however, there is no “silver bullet” for cyber incident response and prevention.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

IGI

NOVEMBER 10, 2017

Before joining Preservica in May 2017, I advised more than 40 public and private sector organizations on good recordkeeping practices as an independent consultant, and learned firsthand about their wide-ranging retention requirements.

Digital preservation 20

Digital preservation Government Digital transformation Access 20

Data Protection Report

MAY 23, 2018

For many organizations that are based outside the EU and took the “wait and see” approach, our checklist may come in handy, which gives an illustrative overview of the requirements likely to impact most types of businesses and the practical steps that organizations need to take to meet those requirements. Did we mention big data?

GDPR 40

GDPR Personal data Compliance Data breaches 40

IT Governance

FEBRUARY 5, 2018

Increased interest in cyber insurance. With more than 800 million records being leaked in 2017 ( find out more in our Breaches and Hacks Blog Archive ), it’s not surprising that cyber insurance business has increased in recent months. Insurers assess an organisation’s cyber risk to set premium levels.

Insurance 55

Insurance Risk Government Paper 55

IT Governance

DECEMBER 27, 2019

Victims of Equifax’s 2017 data breach were given the go-ahead to launch a class-action lawsuit. Among other news: Users of Pandora and Clifford car alarms learned that they were at risk of having their car stolen due to a security vulnerability. million people – just under a third of the country’s population.

Data breaches 55

Data breaches GDPR Passwords Personal data 55

eSecurity Planet

MARCH 28, 2023

This article was originally written by Drew Robb on July 7, 2017 , and updated by Chad Kime on March 29, 2023. While a more expensive option, HPE and Aruba back their ClearPass product with the confidence inspired by their brand, robust support options, and a large partner network.

Authentication 116

Authentication Access IoT MDM 116

eSecurity Planet

OCTOBER 5, 2021

With more employees working from home, their data was more at risk from weaker networks and personal devices. Banking, financial services, and insurance industries constitute the largest share of adopters, with North America leading adoption, according to Orbis Research. VPN Authentication.

Authentication 104

Authentication Passwords Access Computer and Electronics 104

Data Protector

OCTOBER 11, 2017

That is compounded by the fact that this is a Lords starter Bill that comes to us without the benefit of consideration in the other place, and particularly without the usual evidence-taking sessions that ensure that a Bill meets the needs of those affected by it.

GDPR 120

GDPR Personal data Government IT 120

IT Governance

OCTOBER 31, 2019

NordVPN, TorGuard and VikingVPN disclose data breaches dating back to 2017 (unknown). Employees at Canada’s Lucia Mar School District at risk after email gaffe (unknown). Louisiana-based health insurance firm Humana notifies customers of privacy breach (500). Wells Fargo bank teller arrested for identify fraud (unknown).

Data breaches 91

Data breaches Ransomware Phishing Retail 91

eSecurity Planet

JANUARY 11, 2022

Boasting itself as the world’s first Code Risk Platform, Apiiro Security offers risk visibility across design, code, and cloud segments. Apiiro can connect across hybrid infrastructure through a read-only API and promises real-time inventory and actionable remediation for risks in addressing DevSecOps. Apiiro Security.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

IT Governance

OCTOBER 25, 2018

The data comprised their names, addresses, gender, dates of birth, phone numbers, National Insurance numbers, bank details and salaries. In 2017, 5,518 Morrisons staff brought the UK’s first data protection class action against their employer , claiming compensation on the basis that the supermarket was liable for Skelton’s actions.

Data Privacy 56

Data Privacy Privacy Data breaches GDPR 56