All Cybersecurity articles – Page 8
-
News Brief
SEC adopts rule requiring cyber incident disclosures within four days
The Securities and Exchange Commission finalized its controversial rule requiring public companies to disclose the nature, scope, timing, and impact of cybersecurity incidents deemed to be material within four business days.
-
PremiumIBM report: Data breach costs at all-time high; AI helping detection
The global average cost of a data breach reached a new all-time high of $4.45 million in 2023, according to IBM’s annual report.
-
News BriefTech giants, White House agree to AI risk management guidelines
Technology companies including Google, Meta, and OpenAI agreed to a series of voluntary commitments they’ll make regarding their management of risks when developing artificial intelligence systems.
-
PremiumBiden cyber strategy plan calls for big businesses to step up
The “biggest, most capable, and best-positioned” businesses must assume a greater share of mitigating cyber risks, the White House said in announcing the National Cybersecurity Strategy Implementation Plan.
-
PremiumSurvey: Investment adviser compliance ramps up testing on advertising, marketing
The most popular mock exams conducted by compliance professionals at investment adviser firms this year have been on the Securities and Exchange Commission’s advertising/marketing rule, according to a new poll.
-
PremiumExperts: Ways to stay ahead of generative AI risks
Not all companies can rely on bans or restrictions to employee use of generative artificial intelligence like ChatGPT. Instead of telling people what they can’t do, focus on what they can do.
-
News BriefCFTC assembles task forces to combat cyber and tech issues, ESG fraud
The Enforcement Division of the Commodity Futures Trading Commission announced it established two new task forces to combat cyberattacks and misuse of technology and environmental fraud.
-
PremiumGrowing list of MOVEit hack victims shows damage control difficulties
More than 130 organizations are believed to have been impacted by the MOVEit hack, with millions of people’s data at risk. Experts opine on the struggles businesses face in containing exposure.
-
PremiumSEC’s Grewal spotlights enforcement focus on cyber disclosures
The No. 1 priority at the Securities and Exchange Commission after organizations are impacted by a cybersecurity incident is that investors receive timely and accurate disclosures, according to Enforcement Division Director Gurbir Grewal.
-
News BriefAPRA pressures Medibank on cyber enhancements post-breach
The Australian Prudential and Regulation Authority will require Medibank Private to hold 250 million Australian dollars (U.S. $166 million) in extra capital until the insurer remediates identified cybersecurity weaknesses after a significant data breach.
-
ArticleMOVEit ransomware attack shows sophistication of cybercriminals
In an era marked by an increase in digital threats, it’s vital to understand how sophisticated cybercriminal syndicates like Clop can impact the financial sector.
-
PremiumNAVEX report: Driven by cyber threats, infosec compliance top of mind
Compliance teams are taking more responsibility for issues related to information security and data privacy, motivated by increasing threats posed by data breaches and cyber intrusions, according to a new survey from NAVEX.
-
PremiumCFTC commissioner crafting potential proposed rule on cyber resiliency
The Commodity Futures Trading Commission’s Technology Advisory Committee sponsored by Commissioner Christy Goldsmith Romero is crafting potential rulemaking to establish cyber resiliency baselines among swap dealers and futures commission merchants.
-
News BriefFCC forms consumer data privacy task force
The Federal Communications Commission announced the launch of a new task force to coordinate privacy and data protection efforts at the agency, which oversees a telecommunications industry often targeted by cybercriminals.
-
PremiumShades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
News BriefSEC spring 2023 regulatory agenda: 37 rules in final stage
The rest of the year is shaping up to be busy at the Securities and Exchange Commission, where final rules regarding climate-related disclosures, enhanced cybersecurity risk governance, and more are all on the near-term agenda.
-
PremiumVerizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
-
PremiumKPMG report: Bank supervision, cyber among reg focus areas for rest of year
A new report by KPMG on key regulatory challenges for the second half of 2023 warned financial institutions to prepare for increased scrutiny, while all companies should expect more questions on how they oversee their cybersecurity and data management programs.
-
News BriefFTC orders Amazon pay $30M for alleged Alexa, Ring privacy violations
Amazon is set to pay more than $30 million comprised of a civil penalty and consumer refunds to resolve two separate cases alleging privacy violations regarding its Alexa voice assistant service and Ring doorbell subsidiary.
-
Resourcee-Book: New audit risk landscape: ESG, cyber, more
As companies face sustainability reporting challenges, accounting and audit firms are fielding increased requests for assistance, along with demands from investors and regulatory bodies for assurance on disclosures.