All Cybersecurity articles – Page 14
-
Article
What factors are driving change in your corporate investigations process?
A recent survey from Compliance Week and OpenText reveals while investigations and data volumes are on the rise, machine learning combined with external expertise may give companies the upper hand in accelerating response and results.
-
Article
Q&A: How Kaiser Permanente has handled change brought by COVID-19
Vanessa Benavides, chief compliance and privacy officer and senior VP at Kaiser Permanente, shares how the company adjusted its policies and procedures because of COVID-19 and the lessons she learned along the way.
-
Article
Judge dismisses CCPA-related lawsuit against Walmart
A federal judge in California dismissed a lawsuit alleging a data breach at Walmart was a violation of the California Consumer Privacy Act, noting the plaintiff failed to prove a breach occurred.
-
Webcast
CPE Webcast: Incident and breach management 101
Today’s breach landscape is unprecedented and complex. Every organization is facing potential enforcement of many interconnected and overlapping laws in multiple jurisdictions, each with restrictive timelines. In this complex environment, it is not enough to have a response plan. Your organization needs a response system.
-
Article
Robinhood Crypto anticipates $10M penalty for cyber, AML failures
Robinhood Markets said its cryptocurrency platform might face a penalty of “at least” $10 million from the New York State Department of Financial Services for anti-money laundering and cyber-security failures.
-
Article
British Airways settles 2018 data breach class action
British Airways has settled one of the U.K.’s largest group actions after thousands of people sought compensation following a 2018 data breach that resulted in the airline being fined under the GDPR.
-
Article
TPRM 2021: What to do before, during, and after a ransomware attack
Two risk and compliance practitioners opened their cyber-playbooks at CW’s TPRM virtual event, explaining how to identify and address vulnerabilities, establish transparency with vendors, and strengthen an organization’s incident management program.
-
Article
Takeaways from NYDFS ransomware guidance
The New York State Department of Financial Services has issued guidance for regulated entities describing best practices for reducing the risk of a ransomware attack.
-
Article
Pandemic effect on TPRM practices here to stay, expert warns
With many businesses still sorting through the new layers of risk that have emerged over the last 16 months, Linda Tuck Chapman of the Third Party Risk Institute shared her top areas of focus and more at CW’s virtual TPRM event.
-
Article
Big week for breaches: McDonald’s, Carnival, and more
Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
-
Article
First American Financial settles SEC charges for cyber-security failures
First American Financial Corp. reached a $487,616 settlement with the SEC for failing to maintain cyber-security disclosure controls and procedures that exposed more than 800 million title insurance records containing sensitive customer information.
-
Article
SEC rulemaking list 2021: ESG, cyber-risk governance among highlights
The SEC’s spring 2021 rulemaking list is brimming with proposed regulations that would enhance ESG-related disclosures for public companies in areas like climate change, board diversity, human capital management, and cyber-security risk governance.
-
Article
JBS USA confirms $11M ransom payment to hackers
Meatpacker JBS USA announced it paid the equivalent of $11 million in ransom in response to a May cyber-attack that impacted its operations in North America and Australia.
-
Article
Assessing yet another ransomware attack on critical supplier (JBS)
Meatpacker JBS USA has become the latest critical infrastructure company to be targeted by a ransomware attack, which temporarily halted its global operations. The attack brings with it implications for the food and agriculture industries.
-
Article
Colonial Pipeline fallout: Thwarting ransomware attacks requires collective defense
President Biden’s executive order on cyber-security largely applies to federal agencies. But its core message—that the public and private sectors must collectively defend against increasingly malicious ransomware attacks—should not be lost on companies.
-
Article
Survey: Data access further complicated by emerging privacy laws
A recent survey of 100 executives from Fortune 500 companies found more than half are struggling to balance easy access to company data with privacy and security compliance under laws like the GDPR and CCPA.
-
Article
New NIST revisions expand scope of cyber supply chain risk management guidance
The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.
-
Webcast
CPE Webcast: TPCRM best practices that reduce supply chain risk
Organizations are adopting digital transformation and, as a result, increasing their reliance on third parties faster than they can scale their third-party cyber-risk management programs.
-
Article
SEC fines broker-dealer $1.5M for SARs filing failures
GWFS Equities will pay $1.5 million as part of a settlement with the SEC for lapses in the filing of suspicious activity reports related to the threat of cyber-breaches.
-
Article
James Comey: Lessons from Enron era will ‘become real again’
Former FBI Director James Comey kicked off Compliance Week’s 16th annual National Conference on Tuesday by speaking candidly about a variety of risk and compliance matters, including the importance of a strong ethical culture in the coming post-pandemic “boom times.”