All Cybersecurity articles
-
ArticleStudy: Healthcare overtakes finance as most breached industry in 2022
Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.
-
Article
Report: Audit committees bracing for increased role in ESG, ERM, cyber
A new report from the Center for Audit Quality and Deloitte found corporate boards are taking a fresh look at their audit committee structures and practices to respond to emerging corporate reporting areas and increased risks.
-
Article
FCC probing T-Mobile after latest cyber incident affects 37M
The Federal Communications Commission launched an investigation into T-Mobile after the telecommunications giant disclosed it suffered yet another significant cybersecurity lapse exposing customer information.
-
Article
Covington to contest SEC court request for breached client data
The Securities and Exchange Commission asked a federal court to force Covington & Burling to comply with a subpoena seeking the law firm turn over names of about 300 clients impacted by a 2020 cyberattack.
-
Article
Drizly data security to be monitored for 20 years under FTC order
Online alcohol retailer Drizly and its chief executive officer agreed to data security requirements and to be assessed by an independent monitor for up to 20 years as part of a final settlement with the Federal Trade Commission over a data breach that impacted 2.5 million consumers.
-
Article
FINRA focuses on financial crime in annual exam report
The Financial Industry Regulatory Authority’s annual report on examinations and risk monitoring indicated a new emphasis for the regulator on combating financial crime, particularly cybercrime.
-
Article
Coinbase to pay $100M after NYDFS probe into compliance lapses
Cryptocurrency exchange Coinbase agreed to pay $100 million as part of a settlement with the New York State Department of Financial Services for compliance failures that opened the door for criminals to carry out illegal activity through the platform.
-
Article
Irish DPC probing Twitter over breach affecting 5.4M users
The Irish Data Protection Commission is investigating whether Twitter violated the European Union’s General Data Protection Regulation regarding a data breach alleged to have affected 5.4 million users.
-
Article
Abanca fined $3.3M for missing 2-hour breach reporting deadline
The European Central Bank fined Spanish bank Abanca €3.145 million (U.S. $3.3 million) after it “knowingly failed” to report a major cyber breach within the prescribed two-hour time limit.
-
Webcast
Webcast: Continuous compliance monitoring in cyber risk management
The concept of continuous compliance monitoring in the cyber risk management world has been around for more than two decades, yet most organizations are either ignoring or struggling to put an effective and affordable plan into place.
-
Article
ESG oversight highlighted in annual audit committee transparency report
Public companies continue to increase the overall level of audit committee disclosures in proxy statements, though there is room to improve quality by providing more tailored disclosures and transparency, according to the latest annual report.
-
Article
DOJ official addresses liability concerns stemming from Uber CSO case
Principal Associate Deputy Attorney General Marshall Miller called the conviction of a former Uber Technologies chief security officer on obstruction charges an “outlier” that should not discourage compliance officers from self-reporting violations.
-
Article
Loaded SEC agenda to carry into 2023
The Securities and Exchange Commission is expected to see through its controversial policy proposals from 2022, though the newly Republican-led House could slow the agency’s momentum.
-
Article
CFTC commissioner stresses ‘urgency’ in call for heightened crypto oversight
Christy Goldsmith Romero, a commissioner at the Commodity Futures Trading Commission, is lobbying the regulator to use its existing authority to conduct “heightened supervision” over derivative exchanges to create more oversight in crypto markets.
-
Article
Meta fined $274M under GDPR for data scraping breach
Meta Platforms Ireland was fined €265 million (U.S. $274 million) for failing to put in place adequate measures to protect users’ data after a leak compromised the personal details of more than half a billion individuals.
-
Article
Discord fined $830K for GDPR lapses
Discord, a popular communication service primarily utilized by the video game community, was assessed a fine of €800,000 (U.S. $829,000) by the French data protection authority for multiple violations of the General Data Protection Regulation related to safeguarding user data.
-
Article
Cybersecurity staffing woes play part in FTC Safeguards Rule delays
The Federal Trade Commission extended the deadline for compliance with certain changes to its Safeguards Rule announced last year, in part because of labor shortages in the cybersecurity market.
-
Article
Australia privacy law proposal sets steep penalty mark for breaches
The Australian government is weighing stringent new privacy reforms that would establish among the steepest penalty regimes in the world—up to AUD$50 million (U.S. $33.5 million)—for serious or repeated breaches.
-
Article
SolarWinds under SEC probe for handling of 2020 cyberattack
SolarWinds revealed the Securities and Exchange Commission is examining cybersecurity disclosures and public statements the company and its executives made after its massive 2020 data breach caused by hackers backed by the Russian government.
-
Article
FinCEN: U.S. banks paid $1.2B to ransomware criminals last year
Banks reported paying a record $1.2 billion to ransomware criminals in 2021, the Financial Crimes Enforcement Network announced.
