All Cybersecurity articles – Page 6
-
Premium
How to avoid pitfalls of scaling business with generative AI
Generative AI has the potential to be as game-changing for business and society as the internet, social media, and mobile phones were. At the moment, however, the risks seem to outweigh the rewards.
-
News Brief
Treasury: DeFi services vulnerable to AML/CFT, cybersecurity risks
A new U.S. Treasury report concluded that decentralized finance services are being used by bad actors to launder the proceeds of illegal activity, aided by crypto platforms weak or non-existent in anti-money laundering and sanctions compliance programs.
-
Webcast
CPE Webcast: Cyber risk management through an economic lens
How can you build a mature cyber resilience program within your business with a critical lack of technical know-how, significant budget constraints, and few-to-no monitoring of third-party risks?
-
News Brief
TikTok CEO to boast data security efforts in Congress testimony
The fate of popular social media app TikTok in the United States could hinge on the testimony of CEO Shou Zi Chew before the House Committee on Energy and Commerce.
-
News Brief
CISA pilot program seeks to bolster ransomware preparedness
The Cybersecurity and Infrastructure Security Agency announced a pilot program designed to help critical infrastructure entities vulnerable to cyberattacks mitigate a ransomware incident before it occurs.
-
News Brief
SEC proposes Reg S-P updates on incident response, breach notifications
The Securities and Exchange Commission proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.
-
News Brief
Web hosting company fined in DOJ cyber fraud case
Web hosting company Jelly Bean Communications Design and its manager agreed to pay $293,771 in the latest Department of Justice case holding government contractors accountable for poor cybersecurity practices.
-
News Brief
SEC orders Blackbaud to pay $3M for misleading ransomware disclosures
Software company Blackbaud agreed to pay $3 million to the Securities and Exchange Commission to settle claims it violated securities law by failing to disclose the true scope of a ransomware attack that affected 13,000 users.
-
News Brief
HHS creates new enforcement office for health privacy
The Department of Health and Human Services and its office responsible for enforcing health privacy reorganized so it can sharpen enforcement of cybersecurity and data breaches.
-
Premium
Congress or FTC? What about SEC? Where U.S. federal privacy legislation efforts stand in 2023
As more state laws hit the books, businesses are more adamant than ever Congress needs to pass a federal data privacy law. If lawmakers don’t rise to the occasion, which government agency might?
-
Premium
Cloud ‘not a silver bullet’ for security
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
-
Premium
‘This is where we are now’: Cyber environment calls for continuous monitoring
Securing your organization’s private data when vendors have access to it means managing relationships from beginning to end, panelists at CW’s virtual Cyber Risk and Data Privacy Summit agreed.
-
Opinion
Lessons in cybersecurity: Control the breach narrative
Recent botched data breach responses at Activision Blizzard and GoDaddy prompt timely consideration of communication best practices shared by cybersecurity experts at CW’s virtual Cyber Risk & Data Privacy Summit.
-
Premium
ChatGPT comes with compliance caveats, experts warn
There are downsides to every new technology, and artificial intelligence and machine learning are no exception. Experts discussed the importance for compliance professionals to understand the risks of such tools at CW’s virtual Cyber Risk & Data Privacy Summit.
-
News Brief
HHS reports: Compliance reviews, health data breaches up
The number of compliance reviews by the Department of Health and Human Services of health organizations increased between 2017 and 2021, according to the agency’s latest reports to Congress.
-
Premium
Cybersecurity pillars: Prevention, protection, mitigation, governance
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at CW’s Cyber Risk & Data Privacy Summit.
-
Premium
CISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
News Brief
CPPA seeking comment on cybersecurity audit, risk assessment rule adds
The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
-
Premium
Survey: Cybersecurity, regulatory risks lead TPRM priorities in 2023
Respondents to a survey from Compliance Week and Dun & Bradstreet overwhelmingly indicated cybersecurity to be the most important compliance-related area affecting third-party risk management in the new year, though fraud and other risks should still be on their radar.
-
News Brief
SEC exam report highlights Marketing Rule, Reg BI, private fund advisers
The Securities and Exchange Commission’s 2023 examination priorities report laid out areas under the microscope this year, including compliance with the agency’s Marketing Rule and Regulation Best Interest.