All Cybersecurity articles – Page 9
-
OpinionLessons in cybersecurity: Control the breach narrative
Recent botched data breach responses at Activision Blizzard and GoDaddy prompt timely consideration of communication best practices shared by cybersecurity experts at CW’s virtual Cyber Risk & Data Privacy Summit.
-
PremiumChatGPT comes with compliance caveats, experts warn
There are downsides to every new technology, and artificial intelligence and machine learning are no exception. Experts discussed the importance for compliance professionals to understand the risks of such tools at CW’s virtual Cyber Risk & Data Privacy Summit.
-
News BriefHHS reports: Compliance reviews, health data breaches up
The number of compliance reviews by the Department of Health and Human Services of health organizations increased between 2017 and 2021, according to the agency’s latest reports to Congress.
-
PremiumCybersecurity pillars: Prevention, protection, mitigation, governance
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at CW’s Cyber Risk & Data Privacy Summit.
-
PremiumCISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
News BriefCPPA seeking comment on cybersecurity audit, risk assessment rule adds
The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.
-
PremiumSurvey: Cybersecurity, regulatory risks lead TPRM priorities in 2023
Respondents to a survey from Compliance Week and Dun & Bradstreet overwhelmingly indicated cybersecurity to be the most important compliance-related area affecting third-party risk management in the new year, though fraud and other risks should still be on their radar.
-
News Brief
SEC exam report highlights Marketing Rule, Reg BI, private fund advisers
The Securities and Exchange Commission’s 2023 examination priorities report laid out areas under the microscope this year, including compliance with the agency’s Marketing Rule and Regulation Best Interest.
-
News BriefTreasury report flags benefits, drawbacks to use of cloud services
The Treasury Department issued a report regarding the benefits and challenges associated with the use of cloud service providers by financial sector firms, finding shortcomings related to transparency, staff support, and cybersecurity incident response.
-
News BriefBanner Health to pay $1.25M over HIPAA Security Rule lapses
Banner Health agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.
-
PremiumCybersecurity challenges: Defense and disclosure
Experts share perspectives regarding the criticality of cybersecurity risks, what the response of management and boards should be, and how proposed disclosure requirements need to be incorporated into cyber-related responsibilities.
-
PremiumStudy: Healthcare overtakes finance as most breached industry in 2022
Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.
-
PremiumReport: Audit committees bracing for increased role in ESG, ERM, cyber
A new report from the Center for Audit Quality and Deloitte found corporate boards are taking a fresh look at their audit committee structures and practices to respond to emerging corporate reporting areas and increased risks.
-
News BriefFCC probing T-Mobile after latest cyber incident affects 37M
The Federal Communications Commission launched an investigation into T-Mobile after the telecommunications giant disclosed it suffered yet another significant cybersecurity lapse exposing customer information.
-
News BriefCovington to contest SEC court request for breached client data
The Securities and Exchange Commission asked a federal court to force Covington & Burling to comply with a subpoena seeking the law firm turn over names of about 300 clients impacted by a 2020 cyberattack.
-
News Brief
Drizly data security to be monitored for 20 years under FTC order
Online alcohol retailer Drizly and its chief executive officer agreed to data security requirements and to be assessed by an independent monitor for up to 20 years as part of a final settlement with the Federal Trade Commission over a data breach that impacted 2.5 million consumers.
-
News BriefFINRA focuses on financial crime in annual exam report
The Financial Industry Regulatory Authority’s annual report on examinations and risk monitoring indicated a new emphasis for the regulator on combating financial crime, particularly cybercrime.
-
News BriefCoinbase to pay $100M after NYDFS probe into compliance lapses
Cryptocurrency exchange Coinbase agreed to pay $100 million as part of a settlement with the New York State Department of Financial Services for compliance failures that opened the door for criminals to carry out illegal activity through the platform.
-
ArticleIrish DPC probing Twitter over breach affecting 5.4M users
The Irish Data Protection Commission is investigating whether Twitter violated the European Union’s General Data Protection Regulation regarding a data breach alleged to have affected 5.4 million users.
-
ArticleAbanca fined $3.3M for missing 2-hour breach reporting deadline
The European Central Bank fined Spanish bank Abanca €3.145 million (U.S. $3.3 million) after it “knowingly failed” to report a major cyber breach within the prescribed two-hour time limit.