Cyber-Security


SEC

SEC names new cyber chief

2019-12-03T17:31:00+00:00By

The Securities and Exchange Commission announced the appointment of Kristina Littman as chief of the Division of Enforcement’s Cyber Unit.

Excellence in Compliance Awards

Introducing ‘The Excellence in Compliance Awards’

2019-12-02T22:03:00+00:00By

Compliance Week is making some changes to its annual awards for 2020, evolving the “Top Minds” recognition into a full-blown, specifically targeted awards program dubbed “The Excellence in Compliance Awards.”

DIgitalUnease

U.S. consumers express unease over personal data collection

2019-11-20T14:57:00+00:00By

A recent survey says a majority of Americans don’t trust data privacy policies and procedures, even while U.S. companies are hastening to enhance them in advance of the California Consumer Privacy Act’s implementation.

CCPAUpdate

10 things you need to know about CCPA compliance

2019-11-19T21:37:00+00:00By

It’s go-time for compliance as the clock ticks toward the Jan. 1 effective date of the California Consumer Privacy Act.

Audit committee

Report: Investor confidence in audit committees high; more transparency needed

2019-11-19T21:13:00+00:00By

The 2019 Audit Committee Transparency Barometer indicated investor confidence in audit committee effectiveness was strong (81 percent) and had increased 10 percentage points since the first report was issued in 2014.

ThumbsUp

Data-driven compliance can create business success

2019-11-18T21:41:00+00:00By

Smart uses of data analytics show companies can not only improve their compliance programs with technology, but actually create bottom-line results for their companies as well.

SoftwareChoice

Best practices for choosing the right data privacy software

2019-11-18T21:41:00+00:00By

Don’t expect a plug-and-play technology solution to this complex new problem.

Cyber locks

Proactive approach needed in today’s cyber-crime environment

2019-11-18T15:23:00+00:00By

An expert sheds light on behavioral science-driven solutions that help businesses prepare for a breach before it happens.

Cyber

Cyber-security glossary

2019-11-18T15:21:00+00:00By

For those unfamiliar with the vernacular involved with cyber-security and the methods by which bad actors attempt to access restricted data, we present this glossary of common terms.

Payment card security

Verizon finds payment security declines for 2nd consecutive year

2019-11-14T20:36:00+00:00By

Although the Payment Card Industry Data Security Standard (PCI DSS) launched back in 2004, 15 years later, most organizations still struggle to adhere to it.

ItalyDataBreach

Data protection compliance lessons from UniCredit breach

2019-10-29T19:03:00+00:00By

UniCredit announced its cyber-security team has identified a data breach that compromised the personal records of approximately three million clients in Italy, highlighting critical compliance lessons for those in the financial services industry.

Cloud

Big Tech, banking policymakers clash over cloud computing

2019-10-18T20:47:00+01:00By

The “move fast and break things” mantra of the tech world rubs up against a more rigid banking industry as the two find their way in the cloud—but is more legislation really necessary?

DataBridge

NIST provides guidance on how to bridge privacy, cyber-security processes

2019-10-18T16:11:00+01:00By

NIST’s new draft Privacy Framework offers much-needed guidance to help companies align their data privacy and cyber-security risk management practices.

Food delivery

DoorDash data mishap showcases hazards of third-party vendors

2019-09-27T20:59:00+01:00By

DoorDash announced an incident of unauthorized third-party access to user data—a reminder companies need to mind the cyber-security of vendors in addition to their own.

Juniper

Juniper settles FCPA case with SEC for $11.7M

2019-08-30T14:34:00+01:00By

Juniper Networks has reached an $11.7 million settlement with the SEC for violations of the Foreign Corrupt Practices Act concerning its sales practices in Russia and China.

Mastercard

Mastercard reveals data breaches in third-party loyalty program

2019-08-27T18:16:00+01:00By

Mastercard is investigating two data breaches relating to a loyalty program it ran in Germany following a leak of personal information that saw customers’ names, addresses, and credit card numbers circulating on the internet.

European Central Bank

European Central Bank announces data breach

2019-08-16T17:35:00+01:00By

The European Central Bank announced unauthorized parties breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) Website, which is hosted by an external provider.

CapitaoOneStory

Capital One hacker may have targeted dozens more

2019-08-16T16:50:00+01:00By

It appears Capital One may be just one in a long list of companies and organizations to be victimized by what now appears to be the inner workings of a serial hacker, in what the Department of Justice is calling one of “the largest cyber intrusions and data thefts in ...

Facial recognition

Facebook loses appeal, faces costly privacy class action

2019-08-12T16:34:00+01:00By

The ruling of a federal appeals court has Facebook once again at risk of facing fines north of $1 billion for alleged misuse of users’ biometric data.

Cisco

Cisco’s $8.6M settlement for security flaws has broader ramifications

2019-08-02T17:15:00+01:00By

Cisco has reached an $8.6 million settlement for knowingly selling video surveillance software with critical security vulnerabilities. It’s believed to be the first cyber-security whistleblower case of its kind successfully litigated under the False Claims Act.

CapitaoOneStory

Capital One announces massive data breach

2019-07-30T13:38:00+01:00By

Capital One Financial announced a hacker obtained the personal information of approximately 100 million individuals in the United States and approximately six million individuals in Canada.

Credit breach

Lesson from Equifax penalty (at least $575M): Breach ‘entirely preventable’

2019-07-22T19:45:00+01:00By

What resulted in the largest-ever breach of consumer data culminated in the largest data breach enforcement action in history.

EU data flag

GDPR enforcement varies widely by country

2019-07-19T18:38:00+01:00By

Most EU countries have now issued fines under the GDPR. Determining which are the toughest enforcers depends on one’s viewpoint—we lay out country-by-country look at the enforcement trends to date.

IrelandDataPrivacy

All eyes on how Ireland will handle Big Tech and GDPR

2019-07-19T18:38:00+01:00By

Ireland—home EU regulator to Big Tech firms including Google, Twitter, and Facebook—is the key country not to have issued a GDPR-related fine yet, though the regulator has said it has started at least 19 inquiries into the sector.

Europedata

What we can learn from the biggest GDPR fines so far

2019-07-19T18:38:00+01:00By

Recent record-breaking fines for GDPR violations levied on British Airways and Marriott by the U.K. Information Commissioner’s Office offer a glimpse into what GDPR enforcement might look like going forward and serve up a warning to companies that data privacy protocols must be foolproof.

Onfido infographic cover img

Guide: Can your ID verification solution stand the heat?

2019-07-11T18:48:00+01:00Provided by

The price of fraud keeps going up, costing the global economy $41.6 trillion per year. Recognizing the four degrees of fraud is the first step in keeping fraudulent users off your platform.

Marriott

Marriott reveals $124M GDPR fine for data breach

2019-07-09T16:23:00+01:00By

Marriott has disclosed in a filing with the SEC that the U.K.’s Information Commissioner’s Office intends to fine it roughly £99 million (U.S. $124 million) for infringements of the EU’s GDPR.

British Airways

British Airways faces record-setting GDPR fine of $230 million

2019-07-08T14:05:00+01:00By

British Airways was hit Monday with the largest penalty to date under the EU’s GDPR, a £183.39m (U.S. $230 million) fine stemming from the compromised data of nearly 500,000 customers.

Data security

FTC expands scope of data security compliance requirements

2019-06-27T18:25:00+01:00By

The FTC is turning up the heat on the data security compliance requirements companies must meet in the event of an enforcement action following a data breach.

Poll

Poll shows gaps in integrated risk management

2019-06-21T14:40:00+01:00By

Many organizations’ enterprise risk management capabilities aren’t as integrated as they need to be, leaving them vulnerable to legal, financial, regulatory, and reputational risks, according to a new GRC benchmark report.

Zuckerbergcrop

Despite critics, Facebook plunges into virtual currency

2019-06-19T17:37:00+01:00By

Amid growing antitrust scrutiny and data privacy complaints, Facebook is nevertheless expanding into the cryptocurrency space.