All Cybersecurity articles – Page 7
-
WebcastCPE Webcast: If it’s not auditable, is it real?
Learn the importance of creating a unified environment to keep up with compliance regulations and how critical having a central source of information is for compliance professionals.
-
News BriefCMMC implementation plan takes shape in proposed rule
The Department of Defense released for comment a proposed rule setting guidelines for implementation of the Cybersecurity Maturity Model Certification program.
-
ResourceWhite paper: Empowering Cybersecurity Governance and Disclosures
Do you have a clear vision of what ‘good’ means when it comes to managing governance and your security program? Setting the right targets for your organization is crucial.
-
PremiumTop ethics and compliance failures of 2023
A virtual currency exchange that sought to mislead regulators, banks failing after ignoring obvious risks, and a manufacturer that sold millions of its products in violation of U.S. export controls are among those that make up CW’s list of the biggest ethics and compliance fails of 2023.
-
PremiumExperts: More privacy rules, enforcement expected in 2024
Businesses can prepare for a bumpy ride as the 2024 global landscape of data privacy and other related laws and regulations begins to take shape.
-
News BriefDOJ sets expectations for SEC cyber incident disclosure delays
Companies won’t have an easy path toward earning additional time from the Department of Justice regarding the disclosure of a material cybersecurity incident to the Securities and Exchange Commission as required under a new rule.
-
News BriefFBI guidance: How to earn delay on SEC cyber incident disclosures
Businesses seeking additional time before disclosing to the Securities and Exchange Commission the occurrence of a material cybersecurity incident must be prepared to provide detailed information on the matter to the Federal Bureau of Investigation.
-
PremiumAI in 2024: More business use, more fraud risks
Use of generative artificial intelligence by businesses will ramp up in 2024, as will risk of AI-driven cyberattacks and fraud, according to experts.
-
News BriefLafourche Medical Group to pay $480K in landmark HHS phishing action
Louisiana-based Lafourche Medical Group agreed to pay $480,000 as part of the first phishing attack-related settlement the Department of Health and Human Services’ Office for Civil Rights has reached under the Health Insurance Portability and Accountability Act.
-
News BriefHHS: New cybersecurity regs on the way for hospitals
Hospitals can soon expect to see new draft cybersecurity regulations and benchmarking goals, according to the Department of Health and Human Services.
-
News BriefFirst American fined $1M by NYDFS over 2019 cybersecurity breach
First American Title Insurance Company agreed to pay a $1 million fine and implement stronger compliance measures for not securing customers’ personal data, the New York State Department of Financial Services announced.
-
News BriefAustralia seeks help from businesses under ‘bold and ambitious’ cyber strategy
Australia released an updated cybersecurity strategy that will rely more heavily on public-private partnerships to support the country’s cyber defense efforts.
-
News BriefCISA guidance provides cyber risk mitigation strategies for healthcare
New guidance released by the Cybersecurity and Infrastructure Security Agency offers best practices for organizations in the healthcare and public health sector to adopt to combat rising cyber threats.
-
News BriefMorgan Stanley settles with states for $6.5M over mishandled data
Morgan Stanley agreed to pay $6.5 million as part of a settlement with six states requiring the firm to strengthen its data security after actions it took compromised the personal data of millions of customers.
-
News BriefN.Y. hospitals face stiff cybersecurity requirements under proposed rules
New York hospitals would be required to have a cybersecurity program that includes regular cyber risk assessments under newly proposed regulations.
-
News BriefMerged UBS, AI on FINMA’s risk radar
A year of significant change in the Swiss banking sector, including the acquisition of Credit Suisse by UBS, has the country’s financial regulator prioritizing new risk areas on its radar.
-
News BriefAmended N.Y. cyber regs up pressure on financial firms to combat risks
New York will require financial institutions to conduct risk assessments more often and improve governance under a broad update to the state’s cybersecurity regulations.
-
News BriefMedical management company to pay $100K in landmark HHS ransomware case
Doctors’ Management Service agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act reached by the Department of Health and Human Services’ Office for Civil Rights.
-
News BriefSolarWinds cries SEC ‘overreach’ in fraud lawsuit against company, CISO
SolarWinds will contest a lawsuit brought by the Securities and Exchange Commission against it and its chief information security officer alleging fraud and internal control failures related to the software company’s cyberattack reported in 2020.
-
News BriefFTC tweaks Safeguards Rule to address data breaches
Nonbank financial institutions must report certain data breaches to the Federal Trade Commission within 30 days of discovery under a new amendment to the agency’s Safeguards Rule.