All Cybersecurity articles – Page 10
-
PremiumCISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
News BriefCPPA seeking comment on cybersecurity audit, risk assessment rule adds
The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
-
PremiumSurvey: Cybersecurity, regulatory risks lead TPRM priorities in 2023
Respondents to a survey from Compliance Week and Dun & Bradstreet overwhelmingly indicated cybersecurity to be the most important compliance-related area affecting third-party risk management in the new year, though fraud and other risks should still be on their radar.
-
News Brief
SEC exam report highlights Marketing Rule, Reg BI, private fund advisers
The Securities and Exchange Commission’s 2023 examination priorities report laid out areas under the microscope this year, including compliance with the agency’s Marketing Rule and Regulation Best Interest.
-
News BriefTreasury report flags benefits, drawbacks to use of cloud services
The Treasury Department issued a report regarding the benefits and challenges associated with the use of cloud service providers by financial sector firms, finding shortcomings related to transparency, staff support, and cybersecurity incident response.
-
News BriefBanner Health to pay $1.25M over HIPAA Security Rule lapses
Banner Health agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.
-
PremiumCybersecurity challenges: Defense and disclosure
Experts share perspectives regarding the criticality of cybersecurity risks, what the response of management and boards should be, and how proposed disclosure requirements need to be incorporated into cyber-related responsibilities.
-
PremiumStudy: Healthcare overtakes finance as most breached industry in 2022
Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.
-
PremiumReport: Audit committees bracing for increased role in ESG, ERM, cyber
A new report from the Center for Audit Quality and Deloitte found corporate boards are taking a fresh look at their audit committee structures and practices to respond to emerging corporate reporting areas and increased risks.
-
News BriefFCC probing T-Mobile after latest cyber incident affects 37M
The Federal Communications Commission launched an investigation into T-Mobile after the telecommunications giant disclosed it suffered yet another significant cybersecurity lapse exposing customer information.
-
News BriefCovington to contest SEC court request for breached client data
The Securities and Exchange Commission asked a federal court to force Covington & Burling to comply with a subpoena seeking the law firm turn over names of about 300 clients impacted by a 2020 cyberattack.
-
News Brief
Drizly data security to be monitored for 20 years under FTC order
Online alcohol retailer Drizly and its chief executive officer agreed to data security requirements and to be assessed by an independent monitor for up to 20 years as part of a final settlement with the Federal Trade Commission over a data breach that impacted 2.5 million consumers.
-
News BriefFINRA focuses on financial crime in annual exam report
The Financial Industry Regulatory Authority’s annual report on examinations and risk monitoring indicated a new emphasis for the regulator on combating financial crime, particularly cybercrime.
-
News BriefCoinbase to pay $100M after NYDFS probe into compliance lapses
Cryptocurrency exchange Coinbase agreed to pay $100 million as part of a settlement with the New York State Department of Financial Services for compliance failures that opened the door for criminals to carry out illegal activity through the platform.
-
ArticleIrish DPC probing Twitter over breach affecting 5.4M users
The Irish Data Protection Commission is investigating whether Twitter violated the European Union’s General Data Protection Regulation regarding a data breach alleged to have affected 5.4 million users.
-
ArticleAbanca fined $3.3M for missing 2-hour breach reporting deadline
The European Central Bank fined Spanish bank Abanca €3.145 million (U.S. $3.3 million) after it “knowingly failed” to report a major cyber breach within the prescribed two-hour time limit.
-
ArticleESG oversight highlighted in annual audit committee transparency report
Public companies continue to increase the overall level of audit committee disclosures in proxy statements, though there is room to improve quality by providing more tailored disclosures and transparency, according to the latest annual report.
-
ArticleDOJ official addresses liability concerns stemming from Uber CSO case
Principal Associate Deputy Attorney General Marshall Miller called the conviction of a former Uber Technologies chief security officer on obstruction charges an “outlier” that should not discourage compliance officers from self-reporting violations.
-
ArticleLoaded SEC agenda to carry into 2023
The Securities and Exchange Commission is expected to see through its controversial policy proposals from 2022, though the newly Republican-led House could slow the agency’s momentum.
-
ArticleCFTC commissioner stresses ‘urgency’ in call for heightened crypto oversight
Christy Goldsmith Romero, a commissioner at the Commodity Futures Trading Commission, is lobbying the regulator to use its existing authority to conduct “heightened supervision” over derivative exchanges to create more oversight in crypto markets.