The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
The Hong Kong Monetary Authority (HKMA) has imposed additional principles on the use of big data analytics and artificial intelligence (BDAI) and specifically, generative artificial intelligence (GenAI) by authorized...more
Join us on the latest episode of Financial Services Focus as Justin Herring, Jeff Taft and Ana Bruder discuss key cyber threats facing the financial services industry, including third-party risks, sophisticated ransomware,...more
As the implementation of Artificial Intelligence (AI) compliance and fraud detection algorithms within corporations and financial institutions continues to grow, it is crucial to consider how this technology has a twofold...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) announced the adoption of amendments to its Cybersecurity Regulation 23 NYCRR Part 500 (“Amended Cybersecurity Rules” or “Amended Rules”). NYDFS...more
On November 1, 2023, the New York State Department of Financial Services (“NYDFS”) issued its Second Amendment (the “Amendment”) to its Cybersecurity Requirements for Financial Services Companies adopted in 2017, codified in...more
On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more
In 2017, the New York Department of Financial Services (“NYDFS”) enacted a landmark regulation requiring financial services institutions such as banks and insurance companies in the state to meet substantial cybersecurity...more
The New York Department of Financial Services (NYDFS) adopted a long-expected amendment to its Part 500 Cybersecurity Regulations (Part 500) this week. These are the first significant changes to Part 500 since its inception...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
The New York Department of Financial Services (“NYDFS”) released a “revised proposed second amendment” on June 28 that makes further changes to its Cybersecurity Regulation (“23 NYCRR Part 500”). Part 500 was first enacted in...more
On May 25, 2023, the New York Department of Financial Services (NYDFS) announced that OneMain Financial Group (OneMain) will pay a $4.25 million fine pursuant to a consent order to settle alleged violations of NYDFS’s...more
As organizations in the financial sector continue to migrate IT and business services to the cloud and adopt other cloud offerings, it is important that financial institutions understand the risks associated with each. A U.S....more
The New York Department of Financial Services (NYDFS) published its proposed amendment to its 23 NYCRR Part 500 (Cybersecurity Rules) on November 9, 2022, following the release of the draft version on July 29, 2022....more
The Gramm-Leach-Bliley Act (“GLBA”) was a bi-partisan regulation passed by Congress in 1999 in an attempt to update and modernize the financial industry. One component of the GLBA, its Safeguards Rule, requires financial...more
The New York Department of Financial Services (“DFS”) has proposed rule changes to increase cyber compliance requirements. DFS has been the leading regulatory force in the cybersecurity industry. ...more
Following on the heels of the New York Department of Financial Services February 25, 2022 letter to regulated entities regarding the “Escalating Situation in Ukraine and the Impact to Financial Sector,” on March 2, 2022,...more
What You Should Know •The FTC has amended the Safeguards Rule for non-bank providers of financial products and services by issuing a Final Rule. •The updates are intended to enhance the security of consumer financial...more
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
On March 4, FINRA issued a Regulatory Notice warning member firms not to fall for phishing scam preying on compliance fears. The scam uses a phony email address, supports@finra-online.com, demanding an immediate response to...more
The New York Department of Financial Services (NYDFS) has become a frequent topic of these alerts. In recent weeks we have covered multiple actions from the regulator, including its first enforcement action, its SolarWinds...more
Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more
Happy Data Privacy Day! Since 2007, privacy professionals from across the globe have gathered together on January 28 to raise awareness about data privacy and security best practices and issues. ...more
Join Frances Floriano Goins and Laura J. Shaw, Associate General Counsel from KeyBank, NA, as they review the myriad regulatory schemes that govern data protection for financial services providers, keying in on both newly...more
The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial services sector doing business in New York, recently provided guidance to its regulated...more
Open banking is an important driver of the fintech revolution. Regulators have recognised open banking as a means of introducing competition and innovation in the banking sector. Likewise, fintechs are seizing the...more