All Cybersecurity articles – Page 4
-
PremiumToeing the ‘fine line’ of cloud security compliance
When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
-
News BriefMontefiore Medical Center to pay $4.8M over employee’s data theft
Montefiore Medical Center agreed to pay $4.75 million to settle allegations by the Department of Health and Human Services’ Office for Civil Rights that failures by the New York City nonprofit facility allowed an employee to steal and sell patient information for six months.
-
News BriefAlphabet to pay shareholders $350M over Google+ privacy lapses
Alphabet, the parent company of technology giant Google, agreed to pay $350 million in a preliminary settlement with shareholders over alleged data privacy violations and materially false and misleading statements linked to now-defunct social media site Google+.
-
PremiumExperts: Good data breach response grounded in preparation
Two chief compliance officers and an attorney discussed preparation for the “when, not if” threat of a data breach during a panel at CW’s Cyber Risk & Data Privacy Summit.
-
News BriefClorox discloses $49M hit from cyberattack
Cleaning products company Clorox disclosed the major cybersecurity incident that led to a shutdown of its automated order processing late last year has cost it about $49 million.
-
News BriefBlackbaud avoids fine in FTC deal requiring data deletion
Software company Blackbaud will be required to delete unnecessary data and boost cybersecurity as part of a proposed settlement with the Federal Trade Commission stemming from a 2020 data breach.
-
News BriefN.Y. sues Citi for lax data security, failing to reimburse fraud victims
Citibank faces a lawsuit from New York Attorney General Letitia James for allegedly failing to protect and reimburse customers who lost thousands of dollars in fraudulent wire transfers.
-
PremiumConsultation opens debate on proposed U.K. cyber governance code
Cybercrime is regularly cited as a leading concern for executives, yet board oversight of cyber risks is often inadequate and governance poorly understood, according to the authors of a proposed U.K. code of practice on cybersecurity governance.
-
PremiumNew DOJ cyber section wants more private sector partnership
Cooperation between businesses and the new cybersecurity section at the Department of Justice has led to the successful defanging of numerous, major ransomware operations worldwide in just the few months since its creation, according to its chief.
-
PremiumOFAC official urges company transparency on ransomware events
Despite its reputation as a fierce enforcer of sanctions, the Office of Foreign Assets Control has a softer side and wants to help companies that are hit with ransomware attacks, according to the agency’s senior compliance officer.
-
News BriefVF discloses data breach impacted 35.5M customers
Apparel company VF Corp., the owner of brands including The North Face, Vans, and Timberland, disclosed its estimation approximately 35.5 million customers had their personal data stolen as part of a cybersecurity incident it uncovered in December.
-
News BriefRobinhood Financial to pay $7.5M in Mass. settlement
Online stock trading platform and broker-dealer Robinhood Financial agreed to pay a $7.5 million fine as part of a settlement with the Commonwealth of Massachusetts addressing claims related to “gamification” of its platform and cybersecurity issues that lent to a 2021 data breach.
-
News BriefGenesis Global Trading fined $8M by NYDFS over AML, cyber lapses
Virtual currency brokerage firm Genesis Global Trading agreed to pay an $8 million penalty levied by the New York State Department of Financial Services for alleged compliance failures that left it vulnerable to illicit activity and cybersecurity threats.
-
PremiumNIST report: Mitigating the risks of cyberattacks on AI systems
Cyberattacks on artificial intelligence systems are increasing, so it’s important users know their vulnerabilities and try to soften the damage if they get hit, according to a new report by the National Institute of Standards and Technology.
-
PremiumDeepfakes: A silent threat to digital integrity and AML efforts
Deepfakes have emerged in the digital world as a silent pandemic threatening not only our digital integrity but becoming a major risk to anti-money laundering efforts.
-
PremiumCPPA preview: Cybersecurity audit regs nearing formal proposal
Companies with business in California could face tough new cybersecurity mandates under draft regulations that could be headed for formal rulemaking as soon as Friday.
-
News BriefFINRA report: Exam trends on off-channel comms, crypto, cybersecurity
A new report from the Financial Industry Regulatory Authority provides observations from examiners on emerging issues affecting the industry, including surveilling potential use of off-channel communications by employees, crypto-asset developments, cybersecurity trends, and more.
-
WebcastCPE Webcast: If it’s not auditable, is it real?
Learn the importance of creating a unified environment to keep up with compliance regulations and how critical having a central source of information is for compliance professionals.
-
News BriefCMMC implementation plan takes shape in proposed rule
The Department of Defense released for comment a proposed rule setting guidelines for implementation of the Cybersecurity Maturity Model Certification program.
-
ResourceWhite paper: Empowering Cybersecurity Governance and Disclosures
Do you have a clear vision of what ‘good’ means when it comes to managing governance and your security program? Setting the right targets for your organization is crucial.