All Cybersecurity articles – Page 2
-
PremiumAI can help reel in ‘unsustainable’ breach costs, IBM report finds
The global average cost of a data breach jumped to an all-time high for the second year in a row, but companies can reel in the ballooning drag on profits by adopting artificial intelligence, according to an IBM report.
-
News BriefFCC fines Charter Communications $15M over failing to report 911 outages
Charter Communications agreed to pay $15 million and put in place a “robust” compliance plan, including cybersecurity upgrades, to settle allegations it didn’t comply with emergency 911 and network outage notification rules, the Federal Communications Commission announced.
-
WebcastCPE Webcast: Proactive AI compliance: 4 essential steps to minimize exposure
As artificial intelligence (AI) continues to advance rapidly and organizations expand their usage to optimize efficiency and productivity, implementing internal AI policies to ensure regulatory compliance and minimize exposure remains a hot topic.
-
Blog
Tufin names general counsel
Network and cloud security policy automation provider Tufin has named Christian Na as general counsel.
-
Blog
Allegion announces general counsel
Global security products and solutions provider Allegion appointed Stacy Cozad as senior vice president, general counsel, and corporate secretary, effective Aug. 5.
-
PremiumHow fintechs can overcome major compliance hurdles in embedded finance
Margaret Holmes Tibbets, chief compliance officer at financial technology company Pipe, explains how firms are facing an existential compliance crisis, and to survive they’ll need to overcome not one but two hurdles.
-
News BriefDOE offers supply chain cybersecurity guidance for energy, oil, gas industries
The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.
-
News BriefOCC emphasizes compliance’s role in FI’s operational resiliency
Compliance departments at financial institutions must become more involved in ensuring their firm’s operational resiliency to address emerging risks, the Treasury Department’s Office of the Comptroller of the Currency said in its semi-annual risk perspective.
-
News BriefSEC orders R.R. Donnelley to pay $2.1M over cyber-related control violations
A business communications and marketing services company agreed to pay more than $2 million to settle charges levied by the Securities and Exchange Commission over cybersecurity-related control violations.
-
News BriefDOJ orders consultants to pay $11.3M total for cyber rule violations
Guidehouse and Nan McKay and Associates will pay a total of $11.3 million to the Department of Justice (DOJ) to settle allegations that cybersecurity failures led to the theft of client personal information during the height of the COVID-19 pandemic.
-
OpinionTop-of-mind takeaways from TPRM Summit
Top-of-mind issues addressed at Compliance Week’s Third-Party Risk Management & Oversight Summit, held June 3-4 in Atlanta, included safe deployment of artificial intelligence, assessing vendor viability and sustainability, understanding the role of procurement in risk ranking, the intersection (or lack thereof) between data privacy and cybersecurity, and many others.
-
News BriefSEC orders Intercontinental Exchange to pay $10M over Reg SCI violations
Intercontinental Exchange and nine affiliates agreed to pay $10 million for allegedly failing to inform the Securities and Exchange Commission of a cyber intrusion as required by Regulation Systems Compliance and Integrity.
-
News BriefSEC official clarifies material incident reporting under new cyber rule
Erik Gerding, director of the Securities and Exchange Commission’s Division of Corporation Finance, issued a statement addressing early inconsistencies observed under the agency’s new cybersecurity incident disclosure rule.
-
News BriefEPA warns of increased cybersecurity scrutiny toward water systems
The Environmental Protection Agency is increasing its inspections of public drinking water systems after finding a majority of those reviewed were vulnerable to cyberattacks and related threats.
-
PremiumCalifornia privacy reg seeking more input on new rules
Businesses will receive additional time to weigh in on proposed regulations by the California Privacy Protection Agency regarding risk assessments, cybersecurity audits, automated decision-making, and data broker registration before they’re potentially finalized later this year.
-
News BriefSEC amends Reg S-P to require data breach notification within 30 days
The Securities and Exchange Commission will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days.
-
News BriefNYDFS offers cyber rule compliance template for small businesses
The New York State Department of Financial Services issued guidance for small businesses attempting to comply with its cybersecurity regulations.
-
PremiumSurvey: Public companies fear added cyber risks from SEC disclosures
Large public companies say they are prepared to comply with the disclosure requirements of the SEC’s new cybersecurity incident rule, according to a survey conducted by Compliance Week and DLA Piper, but concerns exist that those reports could enhance the threat of future cyberattacks.
-
PremiumReport: Human error driving growing number of data breaches
Verizon’s annual data breach report shows trends in cybersecurity incidents, including more ransomware and extortion attacks last year.
-
News BriefFederal banking regulators issue TPRM guidance for community banks
The Federal Deposit Insurance Corporation, Federal Reserve Board, and Office of the Comptroller of the Currency combined to provide guidance on third-party risk management focused on the unique risks faced by community banks in their third-party relationships.