7 matches found
Financial services company OneMain fined $4.25 million for security lapses
A series of security errors and mishaps has cost personal loan provider OneMain $4.25m in penalties, issued by the New York State department of financial services. The fines, coming at the end of a detailed investigation into how security practices at the company were determined to be below-par,...
Prepare Your Organization for Compliance with the NYDFS Cybersecurity Regulation
Cyberattacks are on the rise, with bad actors accelerating their nefarious exfiltration of valuable and confidential data from financial institutions, Federal agencies, healthcare organizations, and more. According to an IBM study, the Financial Services industry saw an increase in the cost of da...
EFB Tampering. Holdover Time
TL;DR Holdover applications are a relatively new method of calculating the effectiveness of anti-icing fluid sprayed onto aircraft wings. Applications such as these have additional attack surfaces as the developer and source databases need to be considered Airlines often view limits as targets to...
What is NYDFS?
NYDFS Cybersecurity Regulation, 23 NYCRR 500 On March 1, 2017, the New York State Department of Financial Services NYDFS introduced new cybersecurity regulations for financial services companies that address the growing threat posed by cyber-criminality to financial firms. They are intended to...
SEC Investigating Data Leak at First American Financial Corp.
The U.S. Securities and Exchange Commission SEC is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has...
Security in a World of Physically Capable Computers
It's no secret that computers are insecure. Stories like the recent Facebook hack, the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. They might make headlines for a few days, but they're just the newsworthy tip of a very large iceberg. Th...
New York State Implements Cybersecurity Regulation 23 NYCRR 500
On March 1st, 2017, sweeping new cybersecurity requirements were placed on organizations regulated by the New York State Department of Financial Services. The law applies to a broad set of covered entities that are supervised by the NYDFS, including banks, trusts, budget planners, check cashers,...