All Cybersecurity articles – Page 3
-
ArticleNew NIST revisions expand scope of cyber supply chain risk management guidance
The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.
-
Webcast
CPE Webcast: TPCRM best practices that reduce supply chain risk
Organizations are adopting digital transformation and, as a result, increasing their reliance on third parties faster than they can scale their third-party cyber-risk management programs.
-
Article
SEC fines broker-dealer $1.5M for SARs filing failures
GWFS Equities will pay $1.5 million as part of a settlement with the SEC for lapses in the filing of suspicious activity reports related to the threat of cyber-breaches.
-
Article
James Comey: Lessons from Enron era will ‘become real again’
Former FBI Director James Comey kicked off Compliance Week’s 16th annual National Conference on Tuesday by speaking candidly about a variety of risk and compliance matters, including the importance of a strong ethical culture in the coming post-pandemic “boom times.”
-
Article
What you need to know about proposed EU rules for trustworthy AI
With various levels of defined risk and the potential for steep fines for offenders, the European Commission’s recent proposal to ensure trust in the use of artificial intelligence should receive urgent attention from industries beyond Big Tech.
-
Article
Six best practices for managing cyber-security upon return to office
The hybrid work environment many organizations are expected to utilize as part of the gradual return to the workplace presents numerous cyber-security risks that require proactive attention.
-
Article
Fines key attention to data privacy from boards, says ICO head
The threat of fines has done more to focus boardroom attention on data privacy and effective cyber-security than any other measure, U.K. Information Commissioner Elizabeth Denham believes.
-
Article
New chief compliance officer, same Facebook
It isn’t surprising to see Facebook think it doesn’t have an ethical obligation to alert users to its latest data leak, writes Kyle Brasseur, but it is disappointing knowing the company now has a chief compliance officer in place.
-
Article
U.S. sanctions Russia over SolarWinds hack
The Treasury Department announced sanctions against Russia implemented under an executive order from President Joe Biden in response to the SolarWinds hack and alleged election interference by the country.
-
Video
Video: Kudos to whistleblower chief Jane Norberg on successful SEC tenure
Aaron Nicodemus applauds outgoing SEC whistleblower chief Jane Norberg for “revolutionizing” the program and the agency, while Kyle Brasseur laments Facebook’s ethical bungling of its recent data leak.
-
Article
Facebook facing 10th GDPR probe over data leak
The Irish Data Protection Commission has launched an inquiry into Facebook over concerns the social media giant may not have properly disclosed the full extent of its recent data leak.
-
Article
Facebook’s new leak: Assessing its liability under the GDPR
Old personal data of more than 533 million Facebook users was recently made publicly available on a hacker forum. Could the social media giant face a new investigation under the GDPR in response?
-
Article
Irish DPC seeking answers on Facebook breach
The Irish Data Protection Commission has reached out to Facebook seeking to determine whether the social media giant’s weekend data breach should receive scrutiny under the General Data Protection Regulation.
-
Article
Data breach disclosures drop in 2020, report says
Cyber-breach disclosures in 2020 were down 19 percent from 2019—the first drop in the statistic in five years, according to a new report from Audit Analytics.
-
Article
Booking.com fined $557K under GDPR for reporting data breach late
Online reservation Website Booking.com has been fined €475,000 (U.S. $557,000) by the Dutch Data Protection Authority for reporting a data breach 22 days later than the 72 hours required under the GDPR.
-
Video
Video: More scrutiny coming to data breach disclosures?
Aly McDevitt assesses controversial data breach disclosures from U.K. retailer FatFace and technology vendor Ubiquiti in light of a report Congress is considering stricter requirements for reporting data breaches.
-
Article
James Comey: Buckle up for dangerous post-pandemic risk landscape
Former FBI Director James Comey predicted a “time of extraordinary change” is ahead for the compliance profession in the post-pandemic world during a prerecorded video message at Compliance Week’s Financial Crimes virtual event.
-
Article
Internal audit’s role in cyber-security testing: Where to start
Nathan Anderson, senior director of internal audit at McDonald’s, discusses ways internal audit can better answer management questions about cyber-risks and become a more independent cyber-security testing function overall.
-
Article
Ask a CCO: Are you in favor of federal data privacy legislation?
It’s a clean sweep: All five CCOs we spoke with are in favor of U.S. federal data privacy legislation. Read on for the reasoning behind their answers.
-
Article
NYDFS fines mortgage banker $1.5M for cyber-security violations
The New York State Department of Financial Services fined Residential Mortgage Services $1.5 million for violating New York’s cyber-security regulation.
