2018, Financial Services and Government - Information Management Today

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

.” Mark Rasch , also former federal prosecutor in Washington, said the SEC is signaling with this action that it intends to take on more cases in which companies flub security governance in some big way. “It’s a win for the SEC, and for First America, but it’s hardly justice,” Rasch said.

Insurance

Insurance Risk Financial Services Mining

NY Department of Financial Services Issues Reminder for Cybersecurity Filing Deadline

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018.

Financial Services

Financial Services Cybersecurity Compliance Insurance

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Lacewell stated that cybersecurity is the biggest risk for government and private organizations and described how the Framework is based on “extensive dialogue with industry and experts.”. The Framework. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. First , all of the reports specifically focus on the threat of Russian state-sponsored cyberattacks.

Cybersecurity

Cybersecurity Financial Services Authentication Government

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

According to the experts, the threat actors are merely trying to monetize their efforts selling information that have no intelligence value for the Iranian Government. In late July 2020, Crowdstrike spotted a threat actor associated with PIONEER KITTEN that was attempting to sell access to compromised networks on an underground forum.

Access

Access Financial Services Retail Insurance

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

We expect each of these trends to continue in 2018. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Data breach litigation risks.

Privacy

Privacy Cybersecurity Data breaches GDPR

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

Security Affairs

NOVEMBER 17, 2019

Chinese white hat hackers have a long story of success, they won several international hacking contests in the past, but in 2018 the Chinese government prohibited Chinese experts in participating this kind of competition abroad. According to the organizers , in 2018 hackers earned $1,024,000 for a total of 30 vulnerabilities.

Financial Services

Financial Services Government Security Cybersecurity

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

This is stunning: phishing attacks soared in 2018, rising 250% between January and December, according to Microsoft’s Security Intelligence Report. Customers in financial services, energy, government, healthcare and manufacturing sectors are using its testing and training modules. It is headquartered in Zurich, with a U.S

Phishing

Phishing Financial Services Manufacturing Education

$8 million penalty to NYDFS – and another case of over-retention

Data Protection Report

JANUARY 18, 2024

NYDFS conducted its first audit of GGT for the period of May 17, 2018 through March 31 2019. Companies should focus on establishing and implementing a reasonable information governance policy and record retention schedule with special emphasis on documents that contain personal information.

Cybersecurity

Cybersecurity Financial Services Compliance Encryption

Archives Records 2018 RMS Annual Meeting

The Schedule

AUGUST 22, 2018

Outgoing RMS chair Eira Tansey addresses the joint meeting of the Acquisition & Appraisal and Records Management Sections at SAA’s 2018 annual meeting. ” The first speaker was Lauren Gaines from Thrivent Financial, which is a fraternal benefit society and Fortune 500 financial services organization.

Archiving

Archiving FOIA Records Management Compliance

Regulatory Update: NAIC Summer 2018 National Meeting

Data Matters

AUGUST 24, 2018

The National Association of Insurance Commissioners (NAIC) held its Summer 2018 National Meeting in Boston, Massachusetts, from August 4 to 7, 2018. The Task Force aims to complete the white paper by the fall of 2018. This post summarizes the highlights from this meeting.

Insurance

Insurance Big data e-Delivery Risk

From principles to actions: building a holistic approach to AI governance

IBM Big Data Hub

SEPTEMBER 27, 2022

Whether it be financial services, employee hiring, customer service management or healthcare administration, AI is increasingly powering critical workflows across all industries. When IBM launched its AI Ethics Board in 2018, AI ethics was not a hot topic in the press, nor was it top-of-mind among business leaders.

Government

Government Compliance Data science Financial Services

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security Affairs

SEPTEMBER 10, 2018

defense contractors and financial services firms worldwide. In March 2018, security experts at Kaspersky Lab have observed an attack powered by the Chinese APT group, the experts speculate the campaign was started in the fall of 2017. The APT group has been active since at least 2010, the crew targeted U.S.

Communications

Communications Financial Services Government Phishing

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. See the Top Governance, Risk and Compliance (GRC) Tools. Regulatory compliance and data privacy issues have long been an IT security nightmare.

Data Privacy

Data Privacy Compliance Privacy Security

4 Special Requirements Social Media and Collaboration Create for GDPR Compliance

AIIM

JANUARY 26, 2018

The clock is ticking – the regulation goes into effect on May 25th, 2018, and the potential penalties for non-compliance are significant (organizations found to be in breach of GDPR may be fined up to 4% of annual revenues or 20 million Euro, whichever is the greater). 3 -- Governance and oversight.

GDPR

GDPR Compliance Archiving Privacy

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. 2 See Cybersecurity Risk Governance, 3235-AM89, Securities and Exchange Commission (Spring 2021). This resolution highlights the SEC’s continued focus on cybersecurity. 20, 2017).

Cybersecurity

Cybersecurity Financial Services Risk Compliance

The Business of Data Newsletter – Issue 7 (7 December 2018)

Information Matters

DECEMBER 7, 2018

UK consumers threaten data breach backlash – Computer Weekly, 5 December 2018. “Seven out of 10 UK consumers and two-thirds, on average, around the world would stop doing business with a brand that suffers a breach of users’ financial or personal data. ” [link]. ” [link]. ” [link]. ” [link]. .

IoT

IoT Blockchain Personal data Analytics

The time for government blockchain proofs of concept is now

CGI

MAY 15, 2018

The time for government blockchain proofs of concept is now. Tue, 05/15/2018 - 06:29. For the past two years, CGI has seen an exponential uptick in commercial sector interest in blockchain beyond just the financial services industry. Many government agencies also have been wading deeper into the blockchain waters.

Blockchain

Blockchain Government Digital transformation Consumer Services

Improve your data relationships with third parties

Collibra

FEBRUARY 11, 2020

Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. There are several areas that the international financial services regulatory community is engaged in that touch on third party personal data relationships.

Financial Services

Financial Services Digital transformation Personal data Compliance

Sibos 2018 – a whirlwind tour of my week down under

CGI

DECEMBER 18, 2018

Sibos 2018 – a whirlwind tour of my week down under. Tue, 12/18/2018 - 04:55. CGI has been selected to build the Network, which will have an open architecture and standardised connectivity based on a governance model similar to Swift in order to maximise adoption across the supply chain ecosystem.

Financial Services

Financial Services Encryption Marketing GDPR

Best Managed Security Service Providers (MSSPs)

eSecurity Planet

JANUARY 27, 2022

billion by 2026, driven not only by remote working and growing cyber threats but also by a massive cybersecurity skills shortage , the demands of government regulations , and the simple cost benefits of outsourcing. Use Cases: Companies and governments in U.K., Use Cases: Mid-sized, enterprise, and government organizations.

Security

Security Cloud Compliance Analytics

Was RI Advice a watershed for cybersecurity law in Australia or a damp squib?

Data Protection Report

MAY 25, 2022

The decision has been labelled as a watershed decision in Australia – a ‘first of its kind’ case that puts financial services firms, and more broadly, corporate Australia, on notice that failures to adequately understand and manage cybersecurity and cyber resilience risks will no longer be tolerated by Australia’s regulatory agencies.

Cybersecurity

Cybersecurity Risk Financial Services Retail

Office of Foreign Assets Control: Making or Facilitating Ransomware Payments May Violate U.S. Sanctions

Data Matters

OCTOBER 8, 2020

According to OFAC, ransomware attacks have been increasing over the last two years and are a special risk during the COVID-19 pandemic, with cybercriminals targeting not only large corporations but also small to medium enterprises, hospitals, schools, and local government agencies. November 2018: two Iranian creators of SamSam ransomware.

Ransomware

Ransomware Compliance Risk Government

Canon Reinforces Reliability with Three-Year Warranty for New imageFORMULA DR-C225 II and DR-C225W II Scanners

Info Source

SEPTEMBER 11, 2018

September 10, 2018 – In recognition of the importance of reliability when modernizing paper-based processes, Canon U.S.A., 1 Cloud based services are subject to third-party cloud service providers’ terms and conditions, and possible subscription fees. as of 2018. MELVILLE, N.Y., 3 Actual prices set by dealer and may vary.

Paper

Paper Cloud Financial Services Compliance

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. 2018-L-11008, 2018 WL 4941760 (Ill. For example, Mondelez International Inc.

Insurance

Insurance Cybersecurity Risk Education

It’s time to think twice about retail loyalty programs

Thales Cloud Protection & Licensing

DECEMBER 11, 2018

We had some results this year from the 100+ US retail IT security professionals that were surveyed for the 2018 Thales Data Threat Report that differed from every other segment we polled (healthcare, federal government, financial services).

Retail

Retail Data breaches Encryption Mining

UK: The ICO and the FCA Agree on Strengthened Co-operation and Collaboration

DLA Piper Privacy Matters

MARCH 1, 2019

The MoU sets out the principles of collaboration and the legal framework governing the sharing of relevant information and intelligence. The FCA is the conduct regulator for 58,000 financial services firms and financial markets in the UK and the prudential regulator for over 18,000 of those firms. promote competition.

Financial Services

Financial Services Marketing GDPR Data breaches

Ransomware Protection in 2021

eSecurity Planet

FEBRUARY 16, 2021

Only 38% of state and local government employees are trained for ransomware prevention, and only 29% of small businesses have experience with ransomware ( IBM ). Healthcare and financial services are the most attacked industries. The Ryuk ransomware family spawned in 2018 from a sophisticated Russia-based cybercrime group.

Ransomware

Ransomware Encryption Insurance Cloud

Federal Agency Data is Under Siege

Thales Cloud Protection & Licensing

JULY 24, 2018

to discuss the findings of the 2018 Thales Data Threat Report, Federal Edition. Question: Can you provide an overview of the 2018 Thales Data Threat Report, Federal Edition, and elaborate why it’s needed today more than ever? More so than commercial enterprises, government agencies are making a massive shift to the cloud.

Encryption

Encryption Cloud Data breaches Government

ABBYY Opens Office in Hong Kong to Strengthen Presence in Asia

Info Source

JULY 16, 2019

billion in 2019, an almost 80% increase over 2018, and $15.06 The retail industry and banking are the biggest spenders on AI in the region, with use cases such as fraud analysis and customer-facing process automation enabling self-service and improving customer experience. billion in 2022. and Tech Mahindra.

Customer Experience

Customer Experience Financial Services Marketing Retail

Living in a data sovereign world

IBM Big Data Hub

OCTOBER 16, 2023

Data sovereignty addresses legal, privacy, security and governance concerns associated with the storage, processing and transfer of data. Establish data governance frameworks, policies, procedures and tools by organizations to bring in required control and audit. Data sovereignty in the EU is an evolving field.

Cloud

Cloud Compliance Data Privacy Privacy

Takeaways From CCPA Public Forums

Data Matters

FEBRUARY 12, 2019

When California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law on June 28, 2018, there was broad agreement that revisions and clarifications were necessary. Adjusting the monetary threshold governing what businesses are covered by the Act. Rules for Opt-Out of Sale. Rules for Notices and Information.

Sales

Sales Privacy Data Privacy Compliance

California Consumer Privacy Act: The Challenge Ahead – The Interplay Between the CCPA and Financial Institutions

HL Chronicle of Data Protection

DECEMBER 7, 2018

The California Consumer Privacy Act of 2018 (“CCPA”) exempts information that is collected, processed, sold, or disclosed pursuant to the federal Gramm-Leach-Bliley Act (“GLBA”), and its implementing regulations (the “Privacy Rule”), or the California Financial Information Privacy Act (“CFIPA”). Background.

Privacy

Privacy Financial Services Compliance Data breaches

The blockchain bowling alley: How distributed ledger technology goes mainstream

CGI

JULY 20, 2018

Fri, 07/20/2018 - 02:40. What’s more, it’s poised to spill over from financial services into a wide range of industries. In my work and research, I see financial services organizations using immutability to enhance fraud detection and pinpoint instances of money laundering. harini.kottees…. Add new comment.

Blockchain

Blockchain Financial Services Insurance Manufacturing

Weekly podcast: banks, Thomas Cook, London cyber court and Facebook

IT Governance

JULY 13, 2018

This week, we discuss operational resilience in the banking and financial market infrastructures sectors, a data breach affecting Thomas Cook subsidiaries, London’s proposed new court building and the latest development in the Facebook/Cambridge Analytica scandal. Hello and welcome to the IT Governance podcast for Friday, 13 July.

Business Services

Business Services Marketing Data breaches Paper

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Data Matters

FEBRUARY 25, 2021

Further, the FCA has confirmed its position set out in the Temporary COVID Guidance that it expects the senior management or governing body of an EMI or PI to document, review, and approve — at least annually — the design and results of the firm’s stress testing. not to include uncommitted intragroup liquidity facilities.

Authentication

Authentication Paper Risk Insurance

California Consumer Privacy Act: The Challenge Ahead — Introduction to Hogan Lovells’ Blog Series

HL Chronicle of Data Protection

SEPTEMBER 12, 2018

We have heard the California Consumer Privacy Act of 2018 (CCPA) called all these things and more since its enactment on June 28, ?2018. Groundbreaking. Unprecedented. Our experience to date has confirmed the compliance challenge ahead for organizations that engage with the residents of the world’s fifth-largest economy.

Privacy

Privacy Compliance GDPR Data breaches

eIDAS 2.0 REGULATION WILL CHANGE IDP USE CASES INCLUDING ID CAPTURE IN THE EU

Info Source

JULY 18, 2023

By Petra Beck, Senior Analyst Capture Software, Infosource Key Takeaways The expanded eIDAS (electronic Identification, Authentication and Trust Services) 2.0 It will become mandatory for government agencies and businesses in select verticals within the next 2 years. regulation is entering implementation stage in the EU.

Authentication

Authentication e-Delivery B2C Marketing

The blockchain bowling alley – how distributed ledger technology goes mainstream

CGI

MAY 15, 2018

Tue, 05/15/2018 - 06:17. What’s more, it’s poised to spill over from financial services into a wide range of industries. In my work and research, I see financial services organizations using immutability to enhance fraud detection and pinpoint instances of money laundering.

Blockchain

Blockchain Financial Services Insurance Manufacturing

The blockchain bowling alley: How distributed ledger technology goes mainstream

CGI

JULY 28, 2018

Sat, 07/28/2018 - 02:40. What’s more, it’s poised to spill over from financial services into a wide range of industries. In my work and research, I see financial services organizations using immutability to enhance fraud detection and pinpoint instances of money laundering. adrian.alleyne…. Add new comment.

Blockchain

Blockchain Financial Services Insurance Manufacturing

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

* This article first appeared in In-House Defense Quarterly on April 3, 2018. Increasingly, thought leaders, professional organizations, and government agencies are beginning to provide answers. Creating an enterprise-wide governance structure. Aligning cyber risk with corporate strategy.

Cybersecurity

Cybersecurity Risk Passwords Authentication

First American Financial Pays Farcical $500K Fine

NY Department of Financial Services Issues Reminder for Cybersecurity Filing Deadline

Trending Sources

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Top 7 Data Governance Blog Posts of 2018

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Privacy and Cybersecurity Top 10 for 2018

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

$8 million penalty to NYDFS – and another case of over-retention

Archives Records 2018 RMS Annual Meeting

Regulatory Update: NAIC Summer 2018 National Meeting

From principles to actions: building a holistic approach to AI governance

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security Compliance & Data Privacy Regulations

4 Special Requirements Social Media and Collaboration Create for GDPR Compliance

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

The Business of Data Newsletter – Issue 7 (7 December 2018)

The time for government blockchain proofs of concept is now

Improve your data relationships with third parties

Sibos 2018 – a whirlwind tour of my week down under

Best Managed Security Service Providers (MSSPs)

Was RI Advice a watershed for cybersecurity law in Australia or a damp squib?

Office of Foreign Assets Control: Making or Facilitating Ransomware Payments May Violate U.S. Sanctions

Canon Reinforces Reliability with Three-Year Warranty for New imageFORMULA DR-C225 II and DR-C225W II Scanners

New York Regulators Call on Insurers to Strengthen the Cyber Underwriting Process

It’s time to think twice about retail loyalty programs

UK: The ICO and the FCA Agree on Strengthened Co-operation and Collaboration

Ransomware Protection in 2021

Federal Agency Data is Under Siege

ABBYY Opens Office in Hong Kong to Strengthen Presence in Asia

Living in a data sovereign world

Takeaways From CCPA Public Forums

California Consumer Privacy Act: The Challenge Ahead – The Interplay Between the CCPA and Financial Institutions

The blockchain bowling alley: How distributed ledger technology goes mainstream

Weekly podcast: banks, Thomas Cook, London cyber court and Facebook

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

California Consumer Privacy Act: The Challenge Ahead — Introduction to Hogan Lovells’ Blog Series

eIDAS 2.0 REGULATION WILL CHANGE IDP USE CASES INCLUDING ID CAPTURE IN THE EU

The blockchain bowling alley – how distributed ledger technology goes mainstream

The blockchain bowling alley: How distributed ledger technology goes mainstream

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Stay Connected