All Cybersecurity articles – Page 16
-
PremiumChapter 1, Part 2: All hands on deck in C-suite ransomware response
Following the events that triggered a double extortion ransomware attack, the CEO of fictional private utility company Vulnerable Electric mobilizes her cyber incident response team to begin assessing the path forward to dealing with the cybercriminal(s).
-
ArticleCW case study offers 360-degree view of ransomware attack
Learn through the eyes of the C-suite at Vulnerable Electric, a fictional private utility company impacted by a significant ransomware attack, as part of Compliance Week’s third case study.
-
ArticleBiden plan to expand cybersecurity collaboration with water sector
The Biden administration announced an action plan to collaborate with owners and operators in the water sector to deploy technologies and systems that provide cyber-related threat visibility, indicators, detections, and warnings.
-
ArticleGensler says SEC to consider new rules for cybersecurity, data privacy disclosures
The Securities and Exchange Commission is kicking the tires on new cybersecurity and data privacy disclosure requirements for investment companies, investment advisers, broker-dealers, and public companies, according to agency Chair Gary Gensler.
-
ArticleNAVEX: Top 10 risk and compliance trends for 2022
Diversity, equity, and inclusion; prioritizing ESG; business continuity; and more highlight the latest edition of NAVEX’s annual list of risk and compliance trends worth monitoring.
-
ArticleReport: GDPR fines surpass $1B in 2021; breach notifications also rise
Nearly €1.1 billion (U.S. $1.2 billion) worth of fines have been issued against organizations in the past year for violations of the General Data Protection Regulation, according to the latest annual report by law firm DLA Piper.
-
ArticleAccellion to pay $8.1M in proposed data breach settlement
The Accellion data breach that last year affected a variety of private- and public-sector organizations and compromised the personal data of millions of individuals could be resolved in an $8.1 million class-action settlement.
-
ArticleMorgan Stanley agrees to $60M settlement over compromised personal data
Morgan Stanley has agreed to establish a $60 million fund to settle a class-action lawsuit filed by nearly a dozen customers regarding personal data that was compromised when the bank decommissioned two wealth management centers.
-
ArticleDiMauro: Seven compliance areas to watch in 2022
If 2021 was about transition under the Biden administration, 2022 is looking as if it will be a year of action. CW Director of Compliance Programs & Training Julie DiMauro shares her list of key areas she expects to receive enhanced scrutiny in the year ahead.
-
ArticleDesjardins reaches $155M proposed settlement in data breach class action
Desjardins Group has reached a proposed C$201 million (U.S. $155 million) settlement agreement in a class-action lawsuit following a long-running data breach that ultimately compromised the personal information of nearly 10 million individuals in Canada and abroad.
-
ArticleCybersecurity trends continue in 2021 audit committee transparency report
The most dramatic increase in audit committee disclosures in proxy statements for the second consecutive year was in responsibility for cybersecurity risk oversight, according to the latest report from the Center for Audit Quality and Audit Analytics.
-
ArticleTen things I’d like to see happen in 2022 (2021 in review)
ESG and cryptocurrency figure to be key topics in 2022, but we’re also keeping an eye on President Biden’s anti-corruption efforts, details on Amazon’s record GDPR fine, the status of Facebook’s first CCO, and more.
-
ArticleSEC 2022 rulemaking preview: Clarity to come on ESG, crypto?
In his first year leading the Securities and Exchange Commission, Gary Gensler has tipped his hand regarding stricter oversight of companies’ environmental disclosures and the cryptocurrency industry. Year 2 will likely see words turn to actions.
-
ArticleNYDFS guidance addresses common MFA problems—and how to fix them
The New York State Department of Financial Services outlined common vulnerabilities in multi-factor authentication and how to address them from a cybersecurity risk management standpoint.
-
ArticleOCC report: Cyberattacks, pandemic among top bank risk areas in 2021
Banks and financial institutions regulated by the OCC faced elevated risks in 2021 from cyberattacks launched on them and their third parties, as well as compliance risks related to the pandemic, according to the agency’s latest report.
-
ArticleFive compliance triumphs from 2021
A key CCO appointment, a company committed to transparency, and a bank that spent big on improving its AML controls highlight CW’s annual list of laudable ethics and compliance moments.
-
ArticleGoDaddy data breach affects 1.2M customers
Web hosting company GoDaddy announced an unauthorized third party obtained the email addresses and customer numbers of up to 1.2 million users after improperly accessing its Managed WordPress hosting environment.
-
ArticleRule requires banks report significant ‘computer-security incidents’ within 36 hours
Federal banking regulators issued a rule that requires financial institutions to notify their regulator within 36 hours of a “computer-security incident” that materially affects their operation, ability to deliver services, or the stability of the financial sector.
-
PremiumThe year of ransomware: How companies are boosting cybersecurity controls
High-profile ransomware events over the last year have prompted businesses to beef up cyber defenses through new investments, increased training, and more, according to our “Inside the Mind of the CCO” survey.
-
ArticleTreasury ransomware response: More sanctions, updated FinCEN guidance
The U.S. Treasury continued its crackdown on facilitators of ransomware payments, sanctioning a second virtual currency exchange and its affiliates and updating FinCEN guidance to help make financial institutions more aware of related red flags.