All Cybersecurity articles – Page 10
-
News BriefSEC orders Blackbaud to pay $3M for misleading ransomware disclosures
Software company Blackbaud agreed to pay $3 million to the Securities and Exchange Commission to settle claims it violated securities law by failing to disclose the true scope of a ransomware attack that affected 13,000 users.
-
News BriefHHS creates new enforcement office for health privacy
The Department of Health and Human Services and its office responsible for enforcing health privacy reorganized so it can sharpen enforcement of cybersecurity and data breaches.
-
PremiumCongress or FTC? What about SEC? Where U.S. federal privacy legislation efforts stand in 2023
As more state laws hit the books, businesses are more adamant than ever Congress needs to pass a federal data privacy law. If lawmakers don’t rise to the occasion, which government agency might?
-
PremiumCloud ‘not a silver bullet’ for security
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
-
Premium‘This is where we are now’: Cyber environment calls for continuous monitoring
Securing your organization’s private data when vendors have access to it means managing relationships from beginning to end, panelists at CW’s virtual Cyber Risk and Data Privacy Summit agreed.
-
OpinionLessons in cybersecurity: Control the breach narrative
Recent botched data breach responses at Activision Blizzard and GoDaddy prompt timely consideration of communication best practices shared by cybersecurity experts at CW’s virtual Cyber Risk & Data Privacy Summit.
-
PremiumChatGPT comes with compliance caveats, experts warn
There are downsides to every new technology, and artificial intelligence and machine learning are no exception. Experts discussed the importance for compliance professionals to understand the risks of such tools at CW’s virtual Cyber Risk & Data Privacy Summit.
-
News BriefHHS reports: Compliance reviews, health data breaches up
The number of compliance reviews by the Department of Health and Human Services of health organizations increased between 2017 and 2021, according to the agency’s latest reports to Congress.
-
PremiumCybersecurity pillars: Prevention, protection, mitigation, governance
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at CW’s Cyber Risk & Data Privacy Summit.
-
PremiumCISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
News BriefCPPA seeking comment on cybersecurity audit, risk assessment rule adds
The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
-
PremiumSurvey: Cybersecurity, regulatory risks lead TPRM priorities in 2023
Respondents to a survey from Compliance Week and Dun & Bradstreet overwhelmingly indicated cybersecurity to be the most important compliance-related area affecting third-party risk management in the new year, though fraud and other risks should still be on their radar.
-
News Brief
SEC exam report highlights Marketing Rule, Reg BI, private fund advisers
The Securities and Exchange Commission’s 2023 examination priorities report laid out areas under the microscope this year, including compliance with the agency’s Marketing Rule and Regulation Best Interest.
-
News BriefTreasury report flags benefits, drawbacks to use of cloud services
The Treasury Department issued a report regarding the benefits and challenges associated with the use of cloud service providers by financial sector firms, finding shortcomings related to transparency, staff support, and cybersecurity incident response.
-
News BriefBanner Health to pay $1.25M over HIPAA Security Rule lapses
Banner Health agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.
-
PremiumCybersecurity challenges: Defense and disclosure
Experts share perspectives regarding the criticality of cybersecurity risks, what the response of management and boards should be, and how proposed disclosure requirements need to be incorporated into cyber-related responsibilities.
-
PremiumStudy: Healthcare overtakes finance as most breached industry in 2022
Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.
-
PremiumReport: Audit committees bracing for increased role in ESG, ERM, cyber
A new report from the Center for Audit Quality and Deloitte found corporate boards are taking a fresh look at their audit committee structures and practices to respond to emerging corporate reporting areas and increased risks.
-
News BriefFCC probing T-Mobile after latest cyber incident affects 37M
The Federal Communications Commission launched an investigation into T-Mobile after the telecommunications giant disclosed it suffered yet another significant cybersecurity lapse exposing customer information.
-
News BriefCovington to contest SEC court request for breached client data
The Securities and Exchange Commission asked a federal court to force Covington & Burling to comply with a subpoena seeking the law firm turn over names of about 300 clients impacted by a 2020 cyberattack.