NYDFS Tasks New Cybersecurity Division to Enforce Cybersecurity Regulation
With a new cybersecurity team dedicated to enforcing the department’s regulations under its wing, the New York Department of Financial Services (NYDFS) will grow even more vigilant of violations.
FTC Considering Making Changes to GLBA's Safeguards, Privacy Rule
New amendments to the rules, proposed last week and largely based on the New York State Department of Financial Services’ Cybersecurity Regulation, would better protect customer information held by financial institutions.
What is the NYDFS Cybersecurity Regulation? (And Compliance Tips)
Learn about the new NYDFS Cybersecurity Regulation and its implications for financial institutions in Data Protection 101, our series on the fundamentals of information security.
NYDFS Certification of Compliance Deadlines Loom
There are two imminent Certification of Compliance deadlines with the two-year transition period around NYDFS' Cybersecurity Regulation (23 NYCRR Part 500) set to end on March 1.
Fugitive in Bank Data Theft Case Faces Four Years in Prison
A former bank employee - now believed to be a fugitive - is being charged with commercial espionage, among other crimes, after stealing data on the bank's clients.
How Financial Services (FinServ) Companies Can Best Mitigate Supply Chain Risk
We asked 18 financial services, security and risk management experts how financial services companies can best mitigate risk in the supply chain.
Banks, Fintech Firms Form Organization to Promote Secure Data Sharing
Big banks and fintechs joined together this week to form a new non-profit, the Financial Data Exchange, a subsidiary of FS-ISAC, designed to promote a consistent standard for data sharing and security.
Payment Processor CEO Allegedly Stole Customer, Pricing Data for New Company
In a lawsuit filed last week a payment processing company accused its former CEO and several former employees of stealing trade secrets, including customer and banking information, to start a competing business.
SEC Enforces Little Known Identity Theft Rule
The SEC settled a case with the help of a little known 2013 regulation, the Identity Theft Red Flags Rule, for the first time two weeks ago. The rule requires financial institutions to implement a program to detect, prevent, and mitigate identity theft.
New PCI SSC Tool Educates Small Merchants on Payment Card Data Security
The PCI Security Standards Council released a new tool Tuesday designed to help small merchants better protect their customers' payment card data.
Don't Fall Behind
Get the latest security insights
delivered to your inbox each week.
Thank you for subscribing!