New York will require financial institutions to conduct risk assessments more often and improve governance under a broad update to the state’s cybersecurity regulations.
Cybersecurity
Posted inData Privacy
Medical management company to pay $100K in landmark HHS ransomware case
Doctors’ Management Service agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act reached by the Department of Health and Human Services’ Office for Civil Rights.
Posted inRegulatory Enforcement
SolarWinds cries SEC ‘overreach’ in fraud lawsuit against company, CISO
SolarWinds will contest a lawsuit brought by the Securities and Exchange Commission against it and its chief information security officer alleging fraud and internal control failures related to the software company’s cyberattack reported in 2020.
Posted inFinancial Services
FTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.
Posted inRisk Management
Survey: Risk chiefs feeling pressure from growing compliance mandates
Mounting compliance requirements and technological innovations have chief risk officers facing more complex risk environments, according to a KPMG survey.
Posted inRisk Management
Risk models show finance, real estate most likely to face costly cyber events
The finance and real estate industries are at higher risk of experiencing a high-cost material cybersecurity incident, compared to other sectors, according to new research from risk modeling firm Kovrr based off data from U.S. Fortune 1,000 companies.
Posted inRisk Management
UAE joins pact with U.S. on cybersecurity cooperation
The United States and United Arab Emirates finalized an agreement to work together to safeguard the financial sector from cyberattacks.
Posted inData Privacy
Modern-day enterprises: How to prepare for and prove network compliance
The need to prove network compliance is intensifying as lawmakers introduce new privacy legislation and organizations update their contractual security requirements for third-party vendors.
Posted inRisk Management
Blackbaud settles with states for $49.5M over 2020 data breach
Software company Blackbaud agreed to pay $49.5 million in a multistate settlement addressing charges related to a 2020 cyberattack that exposed the personal data of approximately 13,000 consumers.
Posted inRisk Management
Cybersecurity, AML risks among SEC 2024 exam priorities
SEC examiners will be asking tough questions of registered firms regarding how they handle risks related to operational security, interact with financial technology companies and crypto assets, and the maturity of their anti-money laundering programs.
