Cyber-Security


European Central Bank

European Central Bank announces data breach

2019-08-16T17:35:00+01:00By

The European Central Bank announced unauthorized parties breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) Website, which is hosted by an external provider.

CapitaoOneStory

Capital One hacker may have targeted dozens more

2019-08-16T16:50:00+01:00By

It appears Capital One may be just one in a long list of companies and organizations to be victimized by what now appears to be the inner workings of a serial hacker, in what the Department of Justice is calling one of “the largest cyber intrusions and data thefts in ...

Facial recognition

Facebook loses appeal, faces costly privacy class action

2019-08-12T16:34:00+01:00By

The ruling of a federal appeals court has Facebook once again at risk of facing fines north of $1 billion for alleged misuse of users’ biometric data.

Cisco

Cisco’s $8.6M settlement for security flaws has broader ramifications

2019-08-02T17:15:00+01:00By

Cisco has reached an $8.6 million settlement for knowingly selling video surveillance software with critical security vulnerabilities. It’s believed to be the first cyber-security whistleblower case of its kind successfully litigated under the False Claims Act.

CapitaoOneStory

Capital One announces massive data breach

2019-07-30T13:38:00+01:00By

Capital One Financial announced a hacker obtained the personal information of approximately 100 million individuals in the United States and approximately six million individuals in Canada.

Credit breach

Lesson from Equifax penalty (at least $575M): Breach ‘entirely preventable’

2019-07-22T19:45:00+01:00By

What resulted in the largest-ever breach of consumer data culminated in the largest data breach enforcement action in history.

EU data flag

GDPR enforcement varies widely by country

2019-07-19T18:38:00+01:00By

Most EU countries have now issued fines under the GDPR. Determining which are the toughest enforcers depends on one’s viewpoint—we lay out country-by-country look at the enforcement trends to date.

IrelandDataPrivacy

All eyes on how Ireland will handle Big Tech and GDPR

2019-07-19T18:38:00+01:00By

Ireland—home EU regulator to Big Tech firms including Google, Twitter, and Facebook—is the key country not to have issued a GDPR-related fine yet, though the regulator has said it has started at least 19 inquiries into the sector.

Europedata

What we can learn from the biggest GDPR fines so far

2019-07-19T18:38:00+01:00By

Recent record-breaking fines for GDPR violations levied on British Airways and Marriott by the U.K. Information Commissioner’s Office offer a glimpse into what GDPR enforcement might look like going forward and serve up a warning to companies that data privacy protocols must be foolproof.

Onfido infographic cover img

Guide: Can your ID verification solution stand the heat?

2019-07-11T18:48:00+01:00Provided by

The price of fraud keeps going up, costing the global economy $41.6 trillion per year. Recognizing the four degrees of fraud is the first step in keeping fraudulent users off your platform.

Marriott

Marriott reveals $124M GDPR fine for data breach

2019-07-09T16:23:00+01:00By

Marriott has disclosed in a filing with the SEC that the U.K.’s Information Commissioner’s Office intends to fine it roughly £99 million (U.S. $124 million) for infringements of the EU’s GDPR.

British Airways

British Airways faces record-setting GDPR fine of $230 million

2019-07-08T14:05:00+01:00By

British Airways was hit Monday with the largest penalty to date under the EU’s GDPR, a £183.39m (U.S. $230 million) fine stemming from the compromised data of nearly 500,000 customers.

Data security

FTC expands scope of data security compliance requirements

2019-06-27T18:25:00+01:00By

The FTC is turning up the heat on the data security compliance requirements companies must meet in the event of an enforcement action following a data breach.

Poll

Poll shows gaps in integrated risk management

2019-06-21T14:40:00+01:00By

Many organizations’ enterprise risk management capabilities aren’t as integrated as they need to be, leaving them vulnerable to legal, financial, regulatory, and reputational risks, according to a new GRC benchmark report.

Zuckerbergcrop

Despite critics, Facebook plunges into virtual currency

2019-06-19T17:37:00+01:00By

Amid growing antitrust scrutiny and data privacy complaints, Facebook is nevertheless expanding into the cryptocurrency space.

trulioo 300x200

Webcast: How Modern Identity Networks Can Marry Convenience, Compliance and Privacy

2019-06-13T14:05:00+01:00Provided by

Identity lies at the very foundation of our day-to-day experience, yet, it’s the weakest link in the chain of interactions taking place in the online, borderless economy. While technology evolved at an exponential pace, the global identity infrastructure that we inherited still remains antiquated and has proven to be an ...

11201_CC_-190

Takeaways from Compliance Week 2019

2019-05-28T13:35:00+01:00By

The 14th annual Compliance Week conference is in the books, and with it more than 60 sessions filled with helpful anecdotes, shared best practices, career advice, and much, much more.

hackerone 300x200

Meet PCI DSS Requirements for Assessing Vulnerabilities with Crowdsourced Security Testing

2019-05-21T17:31:00+01:00Provided by

Today’s 21st century security teams are dealing with greater challenges in protecting customer data—growing attack surfaces, third-party integrations, agile development, and cloud infrastructure. Yet, many organizations are limited by traditional penetration tests and scanners that are ineffective for today’s 21st century cybersecurity concerns. A better approach is needed to discover ...

FourthStory

Dark Web grows as an investigative tool

2019-05-15T18:10:00+01:00By

A telling detail uncovered in the 2019 Survey on Anti-Bribery & Corruption was that about 6 percent of respondents said they extend their data searches into the “Dark Web.”

securelink 300x200

Vendor remote access: How to protect your organization from data breaches

2019-05-07T15:16:00+01:00Provided by

Cybersecurity continues to be a significant area of concern, with a higher frequency of multi-million dollar, potentially deadly, security breaches, 63 percent of which can be attributed to a third party.

Cyber-security

Study: Firms pay more than $2K per employee for cyber-security

2019-05-06T18:34:00+01:00By

The cost breakdown of cyber-security for financial institutions is just one of the challenges facing firms.

starcompliance wp img

The Compliance Officer’s Ultimate Compliance Guide

2019-05-02T16:20:00+01:00Provided by

The job of compliance officer has become increasingly dominated by technology and automation. And one under constant pressure from changing regulation globally.

FinalReport

Report: FTC, CFPB have blind spots for credit reporting agencies

2019-03-27T21:36:00+00:00By

A report by the Government Accountability Office finds that the FTC and CFPB have oversight and enforcement shortcomings when it comes to credit reporting agencies.

Bitcointrap

Banks, central banks warned of crypto-currency risks and pitfalls

2019-03-25T21:46:00+00:00By

Despite failures, plummeting prices, and a plethora of risks, financial institutions and central banks are cautiously looking at ways to use virtual currencies. International regulators are warning them that doing so haphazardly could be disastrous.

David Lefort

Insider threats often are hardest to detect

2019-03-15T19:26:00+00:00By

In his latest editorial, Compliance Week Editor in Chief Dave Lefort applies what he learned at CW West to recent insider scandals and provides several compliance-related takeaways.

Huawei

Huawei sues U.S. gov. for ‘unconstitutional sales restrictions’

2019-03-07T20:42:00+00:00By

Controversial tech giant Huawei has filed a complaint in a U.S. federal court that challenges the constitutionality of government restrictions on its products.

columnist icons2

Facebook: Can a data privacy dog really learn new tricks?

2019-03-07T20:40:00+00:00By

Mark Zuckerberg, founder and CEO of Facebook, wrote a long, detailed blog post on Wednesday to announce new data security and privacy initiatives. Has he seen the light, or is this yet another false promise from the social media giant?

camerahead

FTC proposes consumer data rule changes for financial institutions

2019-03-06T22:07:00+00:00By

The Federal Trade Commission is seeking public comment on proposed amendments to rules under the Gramm-Leach-Bliley Act that protect the privacy and security of customer information held by financial institutions.

InternalAudit

Internal audit still vexed by data, third-party risks

2019-03-06T21:55:00+00:00By

Internal audit is making strides in steering its focus and resources toward companies’ emerging risks—but there’s still some work to be done, the IIA says.