Schneier on Security

JANUARY 31, 2024

In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. This would change the economics of consumer finance and the illicit data economy that exists today.

Financial Services 118

Financial Services Privacy Personal data Marketing 118

The Last Watchdog

SEPTEMBER 23, 2019

Tech consultancy IDC recently estimated that global spending on security-related hardware, software and services is growing at a compound annual growth rate of 9.2% As I came to understand it, this new approach leverages multi-factor secret sharing algorithms previously only used by government entities. billion by 2022.

Security 159

Security Encryption Compliance Data breaches 159

Hunton Privacy

OCTOBER 17, 2012

On October 15, 2012, the Singapore Parliament passed the Personal Data Protection Act 2012. The new law will apply only to data processing in the private sector as data processing by public agencies (or organizations acting on behalf of public agencies) are already subject to internal government rules.

Personal data 45

Personal data Financial Services Data Privacy Data breaches 45

Hunton Privacy

DECEMBER 19, 2022

On December 15, 2022, the UK government and the Dubai International Financial Centre Authority (“DIFC”) issued a joint statement on the shared commitment to deepening the UK-DIFC data partnership. the pursuit of a closer UK-DIFC partnership on data flows as a way of realizing untapped economic growth.”.

Government 61

Government Financial Services Personal data Security 61

eSecurity Planet

SEPTEMBER 21, 2024

The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike. The act mandates that businesses implement reasonable safeguards to protect personal data and timely report data breaches.

Cybersecurity 114

Cybersecurity Computer and Electronics Compliance Privacy 114

IT Governance

JULY 31, 2019

Croatian government targeted by mysterious hackers (unknown). LaPorte, Indiana, government pays $132 after its systems crippled by ransomware (unknown). New Bedford, MA, and Syracuse, NY, governments also hit by ransomware (unknown). NV, becomes latest US government to be hit by ransomware (unknown). Data breaches.

Data breaches 111

Data breaches Ransomware Personal data Government 111

Data Protection Report

JULY 5, 2021

The Commission is assessing the application of the Trade Secrets Directive in the context of the data economy, including a study focusing on four key sectors (automotive, health, energy and financial services) with a view to providing clarifying guidance at a later date. B2B data sharing: Ensuring fairness and competitiveness.

B2B 144

B2B Personal data Cloud Access 144

Data Protection Report

JANUARY 2, 2025

The final days of 2024 were very eventful in the world of AI and data protection: the European Data Protection Board ( EDPB ) published its Article 64 General Data Protection Regulation ( GDPR) opinion on training AI models using personal data (the EDPB Opinion). Relying on legitimate interests?

40

40

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security 126

Security Data breaches Ransomware Artificial Intelligence 126

IT Governance

OCTOBER 13, 2023

EvilProxy phishing campaign targets Microsoft 365 accounts via indeed.com A phishing campaign identified by Menlo Security has been targeting senior executives in various industries – most notably banking and financial services, property management and real estate, and manufacturing – since July. Can you spot a phishing scam?

Phishing 105

Phishing Financial Services Manufacturing Personal data 105

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Primary areas of focus for the DPC in 2021 included the safeguarding of children’s data protection rights, progressing ongoing large-scale inquires and prioritising responding to complaints which have raised issues of substance, with a data subject centric approach to resolution. Ongoing Inquiries & Data Transfer Enforcement.

Financial Services 97

Financial Services Data breaches Personal data Compliance 97

Collibra

FEBRUARY 11, 2020

Seizing an opportunity to improve data relationships with third parties. Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. Exploring third party data relationship risk.

Financial Services 59

Financial Services Digital transformation Personal data Compliance 59

DLA Piper Privacy Matters

APRIL 20, 2021

This introduces a data lifecycle security framework, and represents the key guideline for handling personal and other financial information by financial institutions (i.e. similar to the PIS Specification, but focused on the banking and financial services industry). Level 1: public data.

Compliance 111

Compliance Security Financial Services Data collection 111

Collibra

AUGUST 14, 2023

As we speed into a new AI era, there’s a critical element that’s often missing when organizations rush forward in hyper-competitive markets to build scalable, trusted AI programs — and that’s AI governance. An AI governance framework offers a blueprint for how to create successful AI products.

Government 52

Government Risk Financial Services Compliance 52

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured. million files belonging to ICICI Bank.

Personal data 98

Personal data Phishing Risk Communications 98

eSecurity Planet

AUGUST 9, 2022

The GDPR provision that may keep IT security teams busiest is Article 32, which requires “a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing” of personal data. GDPR-style data privacy laws came to the U.S.

Data Privacy 143

Data Privacy Compliance Privacy Security 143

Thales Cloud Protection & Licensing

JANUARY 10, 2024

That decision of adequacy provides in substance that there is an adequate level of protection—comparable to that in the EU—for personal data transferred from the EU to US companies that are participating in the DPF. However, European organizations need to dive with eyes wide open when transferring personal data to the US under the DPF.

Data Privacy 83

Data Privacy Personal data Privacy Cloud 83

IT Governance

NOVEMBER 9, 2018

So, you are carrying out profiling if you collect and analyse personal data using algorithms or AI, make associations between habits and characteristics based on that data, and predict individuals’ behaviour based on the demographic or profile that you’ve assigned them. appeared first on IT Governance Blog.

GDPR 75

GDPR Personal data Compliance Financial Services 75

Security Affairs

MARCH 18, 2019

Using Slack EKM, IT admins can revoke access to data within a particular Slack channel, for example, rather than disrupting all users on the entire platform. There are millions of third party app available on the internet that needs permission, integration and access to your personal data. Third Party Apps. Third Party Apps.

Encryption 106

Encryption Risk Financial Services Privacy 106

Hunton Privacy

JULY 17, 2015

On July 14, 2015, pursuant to an implementation requirement of Government Regulation 82 of 2012, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems (“Proposed Regulation”). 82 of 2012.

Personal data 40

Personal data Archiving Financial Services Communications 40

DLA Piper Privacy Matters

AUGUST 23, 2021

Instead the PIPL is a robust data privacy framework designed to safeguard individuals’ personal data against abuse, but at the same time to reflect cultural and business attitudes to data in China, as well as new technologies (including advances in AI, biometrics and data analytics), and to enable flows of personal data.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. The Order alleges that this vulnerability exposed over 800 million images dating back to 2003, including sensitive personal data, such as Social Security numbers and financial information.

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access 59

Access Military Compliance Personal data 59

Troy Hunt

SEPTEMBER 27, 2024

As it relates to the UK GDPR, there are two essential concepts to understand, and they're the first two bulleted items in their personal data breaches guide : The UK GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority.

Data breaches 117

Data breaches GDPR Personal data Risk 117

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. In the U.S.,

Privacy 85

Privacy GDPR Data breaches Risk 85

Thales Cloud Protection & Licensing

DECEMBER 23, 2019

According to the 2019 Thales Data Threat Report-India Edition , digital transformation is well underway in India, with 41% of Indian respondents saying they are either aggressively disrupting the markets they participate in or embedding digital capabilities that enable greater organizational agility. Complexity is a Barrier to Data Security.

Digital transformation 15

Digital transformation Cloud Encryption Data Privacy 15

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

It aims to ensure that financial institutions, ranging from banks to payment processors, can manage and mitigate risks associated with information and communication technology. Key areas covered by DORA include incident reporting, regular ICT risk assessments, third-party risk management, and maintaining robust governance frameworks.

Privacy 62

Privacy Encryption Compliance Risk 62

eSecurity Planet

JUNE 16, 2022

These new attacks affect everything from private citizens and businesses to government systems; healthcare organizations; public services; and food, water, and fuel supply chains. Crimeware is a type of malware that cyber criminals use to commit identity theft or gain financial information to execute transactions. Other methods.

Ransomware 142

Ransomware Cybersecurity Phishing Encryption 142

IT Governance

NOVEMBER 13, 2023

The data included shoppers’ names, email addresses, phone numbers, countries of residence and membership numbers. The post The Week in Cyber Security and Data Privacy: 6 – 12 November 2023 appeared first on IT Governance UK Blog. The information mostly related to court proceedings.

Data Privacy 66

Data Privacy Privacy Security Data breaches 66

Data Protection Report

DECEMBER 23, 2019

The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real estate company, Deutsche Wohnen SE, relating to the excessive retention of personal data. How do you build an effective information governance program?

Privacy 52

Privacy Compliance Personal data Risk 52

Thales Cloud Protection & Licensing

DECEMBER 11, 2018

But it looks like my own personal data has been breached – again. What I’d originally planned to write about was a topic that directly applies – why retailers of all stripes are not investing in data security. Since in Tech we often travel “for a living”, I found in my bag an older Starwood preferred guest card.

Retail 66

Retail Data breaches Encryption Mining 66

Thales Cloud Protection & Licensing

JULY 24, 2023

As global data is predicted to grow by more than 100% from 2022 to 2026, making it a top target for cybercriminals, businesses must prioritize cybersecurity solutions that offer protection without affecting network performance or management. These solutions encrypt data as it moves across networks for maximum security and performance.

Business Services 62

Business Services Encryption Security Manufacturing 62

IT Governance

APRIL 2, 2019

The ICO’s d irector of i nvestigations and i ntelligence , Andy White , said : “Spam email uses people ’ s personal data unlawfully, filling up their inboxes and promoting products and services which they don’t necessarily want. . “We In this instance, Grove rel ied on indirect consent.

Marketing 53

Marketing Personal data GDPR Compliance 53

HL Chronicle of Data Protection

OCTOBER 25, 2019

continues to provide an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S. On 12 July 2016, the European Commission issued its adequacy decision concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S.

Privacy 40

Privacy IT Personal data Financial Services 40

CGI

MAY 25, 2017

The General Data Protection Regulation comes into force a year from now. It will usher in a new data management regime for any organisation collecting, storing or processing personal data. GDPR extends the notion of personal data to any information that contributes to individual identification.

GDPR 40

GDPR Personal data Financial Services Compliance 40

HL Chronicle of Data Protection

NOVEMBER 15, 2018

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection. What constitutes personal data that is subject to the withdrawal agreement is currently unclear.

GDPR 40

GDPR Personal data Government Financial Services 40

IBM Big Data Hub

OCTOBER 16, 2023

Data sovereignty is the control of sensitive data in adherence to local geographical jurisdiction and prevention of unauthorized access and loss of data. Data sovereignty addresses legal, privacy, security and governance concerns associated with the storage, processing and transfer of data.

Cloud 65

Cloud Compliance Data Privacy Privacy 65