All Cybersecurity articles – Page 6
-
PremiumConsultation opens debate on proposed U.K. cyber governance code
Cybercrime is regularly cited as a leading concern for executives, yet board oversight of cyber risks is often inadequate and governance poorly understood, according to the authors of a proposed U.K. code of practice on cybersecurity governance.
-
PremiumNew DOJ cyber section wants more private sector partnership
Cooperation between businesses and the new cybersecurity section at the Department of Justice has led to the successful defanging of numerous, major ransomware operations worldwide in just the few months since its creation, according to its chief.
-
PremiumOFAC official urges company transparency on ransomware events
Despite its reputation as a fierce enforcer of sanctions, the Office of Foreign Assets Control has a softer side and wants to help companies that are hit with ransomware attacks, according to the agency’s senior compliance officer.
-
News BriefVF discloses data breach impacted 35.5M customers
Apparel company VF Corp., the owner of brands including The North Face, Vans, and Timberland, disclosed its estimation approximately 35.5 million customers had their personal data stolen as part of a cybersecurity incident it uncovered in December.
-
News BriefRobinhood Financial to pay $7.5M in Mass. settlement
Online stock trading platform and broker-dealer Robinhood Financial agreed to pay a $7.5 million fine as part of a settlement with the Commonwealth of Massachusetts addressing claims related to “gamification” of its platform and cybersecurity issues that lent to a 2021 data breach.
-
News BriefGenesis Global Trading fined $8M by NYDFS over AML, cyber lapses
Virtual currency brokerage firm Genesis Global Trading agreed to pay an $8 million penalty levied by the New York State Department of Financial Services for alleged compliance failures that left it vulnerable to illicit activity and cybersecurity threats.
-
PremiumNIST report: Mitigating the risks of cyberattacks on AI systems
Cyberattacks on artificial intelligence systems are increasing, so it’s important users know their vulnerabilities and try to soften the damage if they get hit, according to a new report by the National Institute of Standards and Technology.
-
PremiumDeepfakes: A silent threat to digital integrity and AML efforts
Deepfakes have emerged in the digital world as a silent pandemic threatening not only our digital integrity but becoming a major risk to anti-money laundering efforts.
-
PremiumCPPA preview: Cybersecurity audit regs nearing formal proposal
Companies with business in California could face tough new cybersecurity mandates under draft regulations that could be headed for formal rulemaking as soon as Friday.
-
News BriefFINRA report: Exam trends on off-channel comms, crypto, cybersecurity
A new report from the Financial Industry Regulatory Authority provides observations from examiners on emerging issues affecting the industry, including surveilling potential use of off-channel communications by employees, crypto-asset developments, cybersecurity trends, and more.
-
WebcastCPE Webcast: If it’s not auditable, is it real?
Learn the importance of creating a unified environment to keep up with compliance regulations and how critical having a central source of information is for compliance professionals.
-
News BriefCMMC implementation plan takes shape in proposed rule
The Department of Defense released for comment a proposed rule setting guidelines for implementation of the Cybersecurity Maturity Model Certification program.
-
ResourceWhite paper: Empowering Cybersecurity Governance and Disclosures
Do you have a clear vision of what ‘good’ means when it comes to managing governance and your security program? Setting the right targets for your organization is crucial.
-
PremiumTop ethics and compliance failures of 2023
A virtual currency exchange that sought to mislead regulators, banks failing after ignoring obvious risks, and a manufacturer that sold millions of its products in violation of U.S. export controls are among those that make up CW’s list of the biggest ethics and compliance fails of 2023.
-
PremiumExperts: More privacy rules, enforcement expected in 2024
Businesses can prepare for a bumpy ride as the 2024 global landscape of data privacy and other related laws and regulations begins to take shape.
-
News BriefDOJ sets expectations for SEC cyber incident disclosure delays
Companies won’t have an easy path toward earning additional time from the Department of Justice regarding the disclosure of a material cybersecurity incident to the Securities and Exchange Commission as required under a new rule.
-
News BriefFBI guidance: How to earn delay on SEC cyber incident disclosures
Businesses seeking additional time before disclosing to the Securities and Exchange Commission the occurrence of a material cybersecurity incident must be prepared to provide detailed information on the matter to the Federal Bureau of Investigation.
-
PremiumAI in 2024: More business use, more fraud risks
Use of generative artificial intelligence by businesses will ramp up in 2024, as will risk of AI-driven cyberattacks and fraud, according to experts.
-
News BriefLafourche Medical Group to pay $480K in landmark HHS phishing action
Louisiana-based Lafourche Medical Group agreed to pay $480,000 as part of the first phishing attack-related settlement the Department of Health and Human Services’ Office for Civil Rights has reached under the Health Insurance Portability and Accountability Act.
-
News BriefHHS: New cybersecurity regs on the way for hospitals
Hospitals can soon expect to see new draft cybersecurity regulations and benchmarking goals, according to the Department of Health and Human Services.