Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds (madhav, Wed, 01/17/2024 - 05:46). The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.
Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR (among other legal requirements in the EU and elsewhere) can expose multinational organizations to hefty financial penalties, additional rules for disclosing data breaches, and increased scrutiny of the adequacy of their data security.
On May 27, 2022, Vermont Governor Phil Scott signed H.515, making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). Information Security Program Requirements.
EternalBlue is a Windows exploit created by the US National Security Agency (NSA) and used in the 2017 WannaCry ransomware attack. Within this network, there is a vulnerable Windows system that has not been patched with the necessary security updates to protect against EternalBlue. What is the EternalBlue vulnerability?
But Jim has long had a security freeze on his credit file with the three major consumer credit reporting bureaus, and none of the lenders seemed willing to proceed without at least a peek at his credit history. According to the Native American Financial Services Association (NAFSA), a trade group in Washington, D.C.
The visualization process can aid in an organization’s ability to understand the security risks associated with a particular process. This also extends to other industry-specific compliance mandates such as those in the healthcare, pharmaceutical and financial services industries.
As financial services authorities move to regulate digital assets in jurisdictions worldwide, the paper highlights the need to bring privacy regulators into the discussion so that data privacy issues affecting blockchain are addressed in tandem. Data security. Accountability.
On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second proposed amendments to the Part 500 Cybersecurity Rule. Revised Definition of Class A Companies. Covered Entities must have a monitoring process that ensures prompt notification of any new security vulnerabilities.
“There are just horrifying stories that run the gamut in terms of victims, from young women early in their careers, to senior citizens and even to people working in the financial services industry.” “There are definitely some psychological mechanisms at work to encourage people to invest more.”
Financial Services clients are increasingly looking to modernize their applications. Moreover, many of these financial services applications support regulated workloads, which require strict levels of security and compliance, including Zero Trust protection of the workloads. initiative.
Not only is the notion of what comprises a perimeter shifting, the definition of what constitutes a “user” is metamorphizing, as well. The key security lesson is that an identity gets assigned to each and every RPA, creating fresh attack vectors. Users re-defined. Most often, a user is a human being. Talk more soon.
Consistent data and metric definitions. Data and metric definitions are centrally managed in Collibra to ensure consistency across every system and data source. Data quality tools that copy data are creating a bigger enterprise risk due to redundant copies and possible security policies being removed in new locations.
Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Only 3 definitely haven’t had data breached. 138 of them are known to have had data exfiltrated or exposed. We’ve also found 6 organisations providing a significant update on a previously disclosed incident.
On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. On November 9, 2022, NYDFS published a first draft of the proposed Amendment and received comments from stakeholders over a 60-day period.
Enterprise architect is a common job title within IT organizations at large companies, but the term lacks any standard definition. That’s one of the reasons the enterprise architect role has no standard definition. One team member might specialize in security, for example, and another in applications.
The regulation includes elements of both the Health Insurance Portability and Accountability Act (HIPAA) and the New York Department of Financial Services (NYDFS) cybersecurity regulation. It does not include specific provisions like a HIPAA business associate agreement.
Federal Deposit Insurance Corporation (FDIC) approved and the federal banking agencies jointly announced on December 18 a notice of proposed rulemaking, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers (NPR). Definition of Subject Entities.
On June 15, 2022, the U.S. Securities and Exchange Commission (Commission) issued a request for comment with respect to whether certain index, model, pricing, and other information providers should be regulated as investment advisers under the Investment Advisers Act of 1940. Providing reports or analysis alone may be sufficient.
This desire to commingle the solutions likely stems from the Gartner definition published in the Magic Quadrant for Data Quality Solutions, which rightfully states that data quality needs “identification, understanding[,] and correcting flaws in data.” For financial services, data governance found its roots in risk.
Author: Sarah Birkett. Cyber Security Strategy discussion paper launched. This week saw the launch of a discussion paper for the Australian Government’s 2023-2030 Australian Cyber Security Strategy. The discussion paper refers to the lofty aim of making Australia the most cyber secure nation by 2030.
The benefits of cloud come with significant new security challenges for organizations. The Thales Cloud Security Study 2021 of more than 2,600 respondents from around the world tries to respond to key questions: How widespread is multi-cloud? What are the operational challenges of managing security across multiple clouds?
Only 3 definitely haven’t had data breached. [Table residue; columns: Organisation(s), Sector, Location, Data breached?, records, Source. Rows visible include Okta (Cyber security, USA, 3,800) and Shah Dixit & Associates, P.C.] … million for security failings relating to a 2018 cyber attack on its mobile banking platform.
Over the last few years, States have enacted increasingly aggressive legislation concerning data privacy and security, raising concerns that companies will be subject to a patchwork of different standards. Aligning the Safeguards Rule with State Regimes.
OCR concludes most cyber-attacks could be prevented or substantially mitigated if HIPAA covered entities and business associates implemented HIPAA Security Rule requirements to address the most common types of attacks. Implement a security awareness and training program for all workforce members pursuant to the HIPAA Security Rule.
However, challenges persist if your organization doesn’t take proper precautions in supporting a remote workforce — from human resources to productivity and IT security – especially when regulations such as the European Union’s General Data Protection Regulation (GDPR) are involved.
Although California has recently captured the lion’s share of attention with respect to privacy and security, on October 23, 2019, New York’s amended security breach law goes into effect, and on March 1, 2020, new security safeguards go live (N.Y. Readers may recall that New York’s security breach notification law (N.Y.
Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs. GDPR wasn’t the beginning and it’s definitely not the end. In the U.S., Conquer the world!
On December 28, 2016, the New York State Department of Financial Services (“DFS”) announced an updated version of its cybersecurity regulation for financial institutions (the “Updated Regulation”). The Updated Regulation will become effective on March 1, 2017.
The Cyber Security Law (2017) (the CSL) prohibits operators of critical information infrastructures (CIIs) from transferring their “important data” and personal information outside of China. The CSL does not provide a definition for “important data”. Network Data Security Regulation. The CSL and the DSL.
Together, the new laws require the implementation of reasonable data security safeguards, expand breach reporting obligations for certain types of information, and require that a “consumer credit reporting agency” that suffers a data breach provide five years of identity theft prevention services for impacted residents.
Definition of AI system. The definition of an AI system is intended to be technology-neutral and future-proof, while providing legal certainty. a) The definition of a high-risk AI system. Security : A high level of accuracy, robustness and security must consistently be ensured throughout the high-risk AI system’s lifecycle.
The Reltio Connected Data Platform provides agility, scale, simplicity, security, and performance unmatched by competitors. The scope, weighting, and even definition of evaluation criteria can vary among firms. Reltio’s API-first approach eases configuration and integration with downstream applications for developers.
On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which imposes new reporting requirements for entities operating in critical infrastructure sectors.
In December 2020 the EC is due to publish two important legislative proposals, the Digital Services Act and the Digital Markets Act (DMA). The Data Strategy proposed the establishment of nine common European data spaces for data sharing and pooling, including health, mobility, manufacturing, financial services, energy, and agriculture.
Publicly disclosed data breaches and cyber attacks: in the spotlight. More than 70 million email addresses added to Have I Been Pwned. The security researcher Troy Hunt has added more than 70 million email addresses from the Naz.API data set to his Have I Been Pwned data breach notification service. VF Corporation confirms 35.5
Definition of Personal information and Sensitive Personal information. “Personal information” means any kind of information relating to an identified or identifiable natural person, either electronically or otherwise recorded, but excluding information that has been de-identified or anonymised.
The provisions are aimed at standardizing the requirements for reporting security breaches by, among other things, establishing statutory definitions of a “security breach” and “sensitive personally identifiable information.”
Circuit struck down the FCC’s 2015 interpretation of the definition of “automatic telephone dialing system” (autodialer) as overly broad, arbitrarily vague, and “utterly unreasonable.” FCC , the Federal Communications Commission is going back to the drawing board in a new Public Notice that seeks comment on foundational TCPA issues.
“Definitely a partnership.” An organization the size of Baptist Health doesn’t change platforms overnight. “There was a point in time when we felt like we didn’t know who we needed to reach out to to get certain approvals or bypasses through security — even when setting up Collibra.” “Definitely, it was a partnership,” Jennifer agrees.
I recently spoke with the IG director for a global financial services firm about progress in addressing long-term digital information. Leadership is aware that secure, authenticated access to digital information is vital for decision making, meeting compliance and legal requirements, and sustaining client relationships.
The Business Roundtable is notable in proposing – with support from a spectrum of industry players including from financial services — that current sector-specific regulations should be harmonized with a national privacy law. The Data Care Act and CDT proposals would give the FTC rulemaking to flesh out such mechanisms.
Under the Federal Trade Commission’s (“FTC”) new amendment to the Safeguards Rule (the “Amended Rule”), non-banking financial institutions will have to report certain data breaches and other security events to the agency. Notice is required as soon as possible, and not later than 30 days after discovery of the security breach.
A Cloud Manager at a large financial services firm reports on LoadRunner Cloud’s impact on their organization’s planned tests and efficiency: “We can plan and run tests using LoadRunner Cloud without having to manage testing infrastructure. So it definitely saves us time—approximately 30 to 40 days per project in man-hours.”
This blog post provides background on the scope of the exemption and an overview of key considerations for financial institutions developing CCPA compliance programs. The financial services industry is one of the most heavily regulated industries when it comes to protecting the privacy of personal information. Background.