Authentication, Financial Services and Insurance

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services

Financial Services Cloud Cybersecurity Encryption

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2

Insurance

Insurance Financial Services Mining Access

FFIEC Guidance on Authentication and Access to Financial Institution Services and Systems

Data Matters

AUGUST 17, 2021

On August 11, 2021, the Federal Financial Institutions Examination Council (FFIEC)1 issued guidance establishing risk management principles and practices to support the authentication of users accessing a financial institution’s information systems and customers accessing a financial institution’s digital banking services (the Guidance).

Authentication

Authentication Access Risk Financial Services

How Multi-factor Authentication Can Benefit Your Industry

Rocket Software

AUGUST 17, 2020

Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. For almost every industry, multi-factor authentication can be beneficial. What is Multi-factor Authentication? E-signatures, however, are a lot more difficult to authenticate and validate.

Authentication

Authentication Financial Services Passwords Insurance

President Trump Signs Financial Services Regulatory Reform Legislation

Data Matters

JUNE 5, 2018

The definition of “banking entity” now excludes insured depository institutions (and their parent companies and affiliates) if (i) the institution has less than $10 billion in total consolidated assets and (ii) the institution’s trading assets and liabilities are less than 5 percent of its total consolidated assets.

Financial Services

Financial Services Insurance Privacy Authentication

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

MAY 31, 2019

No authentication was needed to access the digitized records. On May 29, The New York Times reported that the inquiry by New York’s Department of Financial Services is likely to be followed by other investigations from regulators and law enforcement. ”

Financial Services

Financial Services Insurance Sales Authentication

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

These recommendations are further detailed below, but two to note in particular: The Advisory recommends that organizations “require multi-factor authentication for all users, without exception.” Require multi-factor authentication (MFA) for all users.

Cybersecurity

Cybersecurity Financial Services Authentication Government

NYDFS settles cybersecurity regulation matter for $1.8 million

Data Protection Report

JUNE 2, 2021

On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Insurance Financial Services Phishing

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Data Matters

FEBRUARY 25, 2021

This follows the FCA’s announcement in its 2020-21 business plan that payment services were one of its main supervisory priorities 1 and its temporary guidance of July 9, 2020, on prudential risk management and safeguarding in light of the COVID-19 pandemic ( Temporary COVID Guidance ). Authentication code.

Authentication

Authentication Paper Risk Insurance

Central Bank Digital Currency (CBDC) and blockchain enable the future of payments

IBM Big Data Hub

AUGUST 17, 2023

This technology has numerous potential applications in the financial services industry, supply chain management, voting systems and more. Also, CBDC can improve financial inclusion. billion people do not have access to basic financial services. According to the World Bank, around 1.7

Blockchain

Blockchain Financial Services Risk Authentication

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

Security Affairs

JANUARY 17, 2022

.” The CPU will address critical vulnerabilities in Oracle Essbase, Graph Server and Client, Secure Backup, Communications Applications, Communications, Construction and Engineering, Enterprise Manager, Financial Services Applications, Fusion Middleware, Insurance Applications, PeopleSoft, Support Tools, and Utilities Applications.

Communications

Communications Financial Services Big data Retail

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

AIIM

OCTOBER 15, 2018

In North America, e-signatures are based on multiple authentication aspects with a focus on knowledge-based authentication which cannot be applied in EU due to much stricter privacy regulations. Allianz was mapping the insurance buyer’s journey across all product lines to identify what’s required for best-in-class signing experiences.

Compliance

Compliance Insurance Digital transformation Authentication

New York SHIELD Act $600,000 settlement

Data Protection Report

FEBRUARY 8, 2022

According to the settlement agreement, the AG concluded that EyeMed’s security practices did not meet the requirements of the SHIELD Act with respect to four requirements: authentication, password management, logging and monitoring, and data retention in the email account. In total, information for approximately 2.1 SHIELD Act.

Passwords

Passwords Financial Services Authentication Insurance

New York State Expected to Increase Enforcement of Cybersecurity Practices

HL Chronicle of Data Protection

FEBRUARY 25, 2020

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act).

Cybersecurity

Cybersecurity Financial Services Data breaches Insurance

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively.” Experts warn that the Energy sector was a major focus of this campaign, followed by manufacturing, and insurance. ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity

Cybersecurity Privacy Insurance Risk

NYDFS settles cybersecurity regulation matter for $3 million

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Phishing Compliance

FTC Proposes Changes to GLB Privacy and Safeguards Rules

Hunton Privacy

MARCH 8, 2019

The proposed changes would add more detailed requirements on how financial institutions must protect customer information. Notably, the proposed amendments would require covered financial institutions to encrypt all customer data held or transmitted by the institution both in transit over external networks and at rest.

Privacy

Privacy Insurance Financial Services Encryption

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

DOL guidance provides a series of questions that should serve as a starting point for this review and includes topics such as the service provider’s information security standards, track record, cybersecurity insurance coverage, and cybersecurity validation techniques.

Cybersecurity

Cybersecurity Insurance Risk Compliance

Multi-Factor Authentication Best Practices & Solutions

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. At this point, multi-factor authentication (MFA) has permeated most applications, becoming a minimum safeguard against attacks. Jump to: What is multi-factor authentication? MFA can be hacked.

Authentication

Authentication Passwords Access Computer and Electronics

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

Adam Levin

SEPTEMBER 5, 2019

Once the number has been transferred, the criminal has control of any accounts that are identified by caller ID (including many financial institutions) as well as any accounts protected by two-factor authentication. It is believed this was the method used to recently hack Jack Dempsey’s Twitter account. . What You Can Do.

Mining

Mining Authentication Financial Services Privacy

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

KnowBe4

MARCH 28, 2023

Strategies include: Developing a comprehensive, defense-in-depth plan Technical controls all organizations should consider Gotchas to watch out for with cybersecurity insurance Benefits of implementing new-school security awareness training Best practices for creating and implementing security policies Get the E-Book now!

Phishing

Phishing Security awareness Insurance Cybersecurity

Marriott Breach: More than 500 Million Guest Affected

Adam Levin

NOVEMBER 30, 2018

If you prefer a more laid back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or subscribe to a credit and identity monitoring program, 3. There are some basics when it comes to protecting yourself when your information is compromised, and they are simple.

Financial Services

Financial Services Encryption Passwords Communications

NYDFS settles with EyeMed for $4.5 million

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. The settlement requires EyeMed to pay $4.5 million, among other things. Background.

Cybersecurity

Cybersecurity Personal data Risk Financial Services

Transition period under New York Cybersecurity Regulation ends March 1, 2019

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective.

Cybersecurity

Cybersecurity Compliance Financial Services Risk

NYDFS Requires COVID-19 Plans by April 9

Data Protection Report

APRIL 2, 2020

On March 10, 2020, the New York Department of Financial Services (NYDFS) issued guidance to all of its regulated institutions engaged in virtual currency business activity, requiring them to have plans for preparedness to manage the possible operational and financial risks posed by the COVID-19 pandemic.

Risk

Risk Communications Authentication Financial Services

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. Risk management is a concept that has been around as long as companies have had assets to protect. Maintaining Regulatory Compliance.

Risk

Risk Cybersecurity Encryption Access

February 15 deadline looms for first DFS Cybersecurity Certification

Data Protection Report

FEBRUARY 8, 2018

February 15, 2018, is quickly approaching and any entity subject to New York’s cybersecurity regulation (23 NYCRR Part 500) must file its first annual certification of compliance with the New York State Department of Financial Services (DFS) by that date.

Cybersecurity

Cybersecurity Financial Services Compliance Insurance

FTC Seeks Comment on Proposed Changes to its GLBA Safeguards and Privacy Rules

Data Matters

MARCH 12, 2019

Of particular note, the Safeguards Rule NPRM proposes to align the FTC’s requirements with those of the New York Department of Financial Services (“NYDFS”), as found in its cybersecurity regulations, and the National Association of Insurance Commissioners (“NAIC”), as found in its insurance data security model law.

Privacy

Privacy IT Information Security Insurance

The most valuable AI use cases for business

IBM Big Data Hub

FEBRUARY 14, 2024

Financial services AI-powered FinOps (Finance + DevOps) helps financial institutions operationalize data-driven cloud spend decisions to safely balance cost and performance in order to minimize alert fatigue and wasted budget.

Artificial Intelligence

Artificial Intelligence Retail Unstructured data Insurance

50 Ways to Avoid Getting Scammed on Black Friday

Adam Levin

NOVEMBER 17, 2020

Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. Enable two-factor authentication.

Retail

Retail e-Delivery Passwords Phishing

The blockchain bowling alley: How distributed ledger technology goes mainstream

CGI

JULY 20, 2018

What’s more, it’s poised to spill over from financial services into a wide range of industries. Another use case is the insurance claims process where a blockchain could document property insured and pay claims more quickly. This year will be the test of whether pilots can be turned into production.

Blockchain

Blockchain Financial Services Insurance Manufacturing

The blockchain bowling alley: How distributed ledger technology goes mainstream

CGI

JULY 28, 2018

What’s more, it’s poised to spill over from financial services into a wide range of industries. Another use case is the insurance claims process where a blockchain could document property insured and pay claims more quickly. This year will be the test of whether pilots can be turned into production.

Blockchain

Blockchain Financial Services Insurance Manufacturing

The blockchain bowling alley – how distributed ledger technology goes mainstream

CGI

MAY 15, 2018

What’s more, it’s poised to spill over from financial services into a wide range of industries. Another use case is the insurance claims process where a blockchain could document property insured and pay claims more quickly. This year will be the test of whether pilots can be turned into production.

Blockchain

Blockchain Financial Services Insurance Manufacturing

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

In reality, the fraudster initiates a transaction — such as the “forgot password” feature on the financial institution’s site — which is what generates the authentication passcode delivered to the member. To combat this scam Zelle introduced out-of-band authentication with transaction details.

IT

IT Passwords Authentication Phishing

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

However, basic cybersecurity tools and practices, like patching , strong passwords , and multi-factor authentication (MFA), “can prevent 80 to 90% of cyberattacks,” said Anne Neuberger, deputy national security advisor for cyber and emerging technologies, during a White House press conference in Sept. Other methods.

Ransomware

Ransomware Cybersecurity Phishing Encryption

US: Coronavirus – Cybersecurity considerations for your newly remote workforce

DLA Piper Privacy Matters

APRIL 2, 2020

Multi-Factor Authentication. Multi-Factor Authentication (MFA) is a powerful tool in combating potential unauthorized access to systems where access credentials have been lost or stolen. Some newer laws, such as the New York Department of Financial Services Cybersecurity Regulation, require MFA under certain circumstances.

Cybersecurity

Cybersecurity Phishing Authentication Access

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

HL Chronicle of Data Protection

MARCH 14, 2019

The proposed Rule will also require multi-factor authentication for any individual accessing customer information, but, unlike the NYDFS which imposed a similar requirement in the Cybersecurity Regulation, the FTC declined to endorse text messages as a permitted second factor.

Privacy

Privacy Risk Cybersecurity Information Security

Best Fraud Management Systems & Detection Tools in 2022

eSecurity Planet

SEPTEMBER 16, 2022

In its 2021 Threat Force Intelligence Index , IBM reported that manufacturing and financial services were the two industries most at risk for attack, making up 23.2% Fraud.net offers specific solutions for a number of industries, including gaming, financial services, and eCommerce, as well as government organizations.

Analytics

Analytics Risk Authentication Financial Services

US: Surviving the service provider data breach

DLA Piper Privacy Matters

JULY 30, 2019

Some states – such as Alabama, Massachusetts and New York (for financial services companies) – prescribe particular requirements of a “reasonable” cybersecurity program. At least nine states expressly extend these requirements to service providers. Proof of adequate cyber insurance coverage.

Data breaches

Data breaches Cybersecurity Financial Services Risk

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Board-management discussions about cyber risk should include identification of which risks to avoid, which to accept, and which to mitigate or transfer through insurance, as well as specific plans associated with each approach. Source Authentication. Authentication and Lifecycle Management. Principle 5.

Cybersecurity

Cybersecurity Risk Passwords Authentication

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

The Last Watchdog

MAY 24, 2021

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. billion web attacks globally; 736 million in the financial services sector. A: Everything.

Financial Services

Financial Services Passwords Data breaches Authentication

DORA: 1 year to go! Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds

NY Charges First American Financial for Massive Data Leak

Trending Sources

FFIEC Guidance on Authentication and Access to Financial Institution Services and Systems

How Multi-factor Authentication Can Benefit Your Industry

President Trump Signs Financial Services Regulatory Reform Legislation

NY Investigates Exposure of 885 Million Mortgage Documents

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

NYDFS settles cybersecurity regulation matter for $1.8 million

UK FCA Consults on Changes to Strong Consumer Authentication, Dedicated Interfaces, and Guidance on Payment Services

Central Bank Digital Currency (CBDC) and blockchain enable the future of payments

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

New York SHIELD Act $600,000 settlement

New York State Expected to Increase Enforcement of Cybersecurity Practices

A massive phishing campaign using QR codes targets the energy sector

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

NYDFS settles cybersecurity regulation matter for $3 million

FTC Proposes Changes to GLB Privacy and Safeguards Rules

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Multi-Factor Authentication Best Practices & Solutions

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

Marriott Breach: More than 500 Million Guest Affected

NYDFS settles with EyeMed for $4.5 million

Transition period under New York Cybersecurity Regulation ends March 1, 2019

NYDFS Requires COVID-19 Plans by April 9

What is Cybersecurity Risk Management?

February 15 deadline looms for first DFS Cybersecurity Certification

FTC Seeks Comment on Proposed Changes to its GLBA Safeguards and Privacy Rules

The most valuable AI use cases for business

50 Ways to Avoid Getting Scammed on Black Friday

The blockchain bowling alley: How distributed ledger technology goes mainstream

The blockchain bowling alley: How distributed ledger technology goes mainstream

The blockchain bowling alley – how distributed ledger technology goes mainstream

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

What is a Cyberattack? Types and Defenses

US: Coronavirus – Cybersecurity considerations for your newly remote workforce

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

Best Fraud Management Systems & Detection Tools in 2022

US: Surviving the service provider data breach

An Approach to Cybersecurity Risk Oversight for Corporate Directors

SHARED INTEL: Akamai reports web attack traffic spiked 62 percent in 2020 — all sectors hit hard

Stay Connected