All Cybersecurity articles – Page 10
-
PremiumKPMG report: Bank supervision, cyber among reg focus areas for rest of year
A new report by KPMG on key regulatory challenges for the second half of 2023 warned financial institutions to prepare for increased scrutiny, while all companies should expect more questions on how they oversee their cybersecurity and data management programs.
-
News BriefFTC orders Amazon pay $30M for alleged Alexa, Ring privacy violations
Amazon is set to pay more than $30 million comprised of a civil penalty and consumer refunds to resolve two separate cases alleging privacy violations regarding its Alexa voice assistant service and Ring doorbell subsidiary.
-
Resourcee-Book: New audit risk landscape: ESG, cyber, more
As companies face sustainability reporting challenges, accounting and audit firms are fielding increased requests for assistance, along with demands from investors and regulatory bodies for assurance on disclosures.
-
News BriefOneMain Financial fined $4.25M in NYDFS cybersecurity case
Mortgage servicer OneMain Financial Group will pay $4.25 million to settle allegations it left customer information vulnerable to cyberattacks by failing to implement required controls under New York’s cybersecurity law.
-
News BriefFTC warns businesses to risk assess uses of biometric technologies
Businesses that make false or unsubstantiated claims regarding facial recognition and other biometric technologies could face enforcement from the Federal Trade Commission, the agency warned in a policy statement.
-
News BriefEx-Uber security chief avoids prison in obstruction case
The former chief security officer of Uber Technologies was sentenced to probation by a federal court judge as punishment for his involvement in covering up a 2016 data breach that affected 57 million users.
-
News BriefSEC risk alert flags branch office cybersecurity controls
The protection of customer personal data by branch offices of broker-dealers and investment advisers should be just as robust—and as well-coordinated—as protocols used by the firm’s home office, according to the Securities and Exchange Commission.
-
News BriefHHS teases policy changes stemming from cyber resiliency analysis
Some U.S. hospitals are falling short in protecting themselves from cyberattacks, with 29 percent of facilities recently surveyed lacking a documented GRC system, a new report from the Department of Health and Human Services found.
-
PremiumHow to avoid pitfalls of scaling business with generative AI
Generative AI has the potential to be as game-changing for business and society as the internet, social media, and mobile phones were. At the moment, however, the risks seem to outweigh the rewards.
-
News BriefTreasury: DeFi services vulnerable to AML/CFT, cybersecurity risks
A new U.S. Treasury report concluded that decentralized finance services are being used by bad actors to launder the proceeds of illegal activity, aided by crypto platforms weak or non-existent in anti-money laundering and sanctions compliance programs.
-
News BriefTikTok CEO to boast data security efforts in Congress testimony
The fate of popular social media app TikTok in the United States could hinge on the testimony of CEO Shou Zi Chew before the House Committee on Energy and Commerce.
-
News BriefCISA pilot program seeks to bolster ransomware preparedness
The Cybersecurity and Infrastructure Security Agency announced a pilot program designed to help critical infrastructure entities vulnerable to cyberattacks mitigate a ransomware incident before it occurs.
-
News Brief
SEC proposes Reg S-P updates on incident response, breach notifications
The Securities and Exchange Commission proposed amendments to its regulation requiring broker-dealers, investment companies, and registered investment advisers to establish policies and procedures to safeguard customer records and information.
-
News BriefWeb hosting company fined in DOJ cyber fraud case
Web hosting company Jelly Bean Communications Design and its manager agreed to pay $293,771 in the latest Department of Justice case holding government contractors accountable for poor cybersecurity practices.
-
News BriefSEC orders Blackbaud to pay $3M for misleading ransomware disclosures
Software company Blackbaud agreed to pay $3 million to the Securities and Exchange Commission to settle claims it violated securities law by failing to disclose the true scope of a ransomware attack that affected 13,000 users.
-
News BriefHHS creates new enforcement office for health privacy
The Department of Health and Human Services and its office responsible for enforcing health privacy reorganized so it can sharpen enforcement of cybersecurity and data breaches.
-
PremiumCongress or FTC? What about SEC? Where U.S. federal privacy legislation efforts stand in 2023
As more state laws hit the books, businesses are more adamant than ever Congress needs to pass a federal data privacy law. If lawmakers don’t rise to the occasion, which government agency might?
-
PremiumCloud ‘not a silver bullet’ for security
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
-
Premium‘This is where we are now’: Cyber environment calls for continuous monitoring
Securing your organization’s private data when vendors have access to it means managing relationships from beginning to end, panelists at CW’s virtual Cyber Risk and Data Privacy Summit agreed.
-
OpinionLessons in cybersecurity: Control the breach narrative
Recent botched data breach responses at Activision Blizzard and GoDaddy prompt timely consideration of communication best practices shared by cybersecurity experts at CW’s virtual Cyber Risk & Data Privacy Summit.