The Crucial Role of CISOs in Battling Automated Cyberattacks
The emergence of automated cyberattacks in today's digital environment, driven by what experts call "bad bots", poses a frightening threat to...
1 min read
Michael Markulec : Apr 23, 2021 10:04:01 AM
A New York-based securities brokerage and insurance firm will pay a $3 million penalty to the New York Department of Financial Services (NYDFS) for exposing its customers' private data in four cyber breaches, two of which it never reported to the department.
The NYDFS said in a statement this week that its investigation of National Securities Corp (NSC) uncovered evidence of the four cybersecurity incidents between 2018 and 2020. The breaches involved unauthorized access to its employee's email accounts, who have access to a significant amount of sensitive personal data. According to the NYDFS statement, NCS violated the department's cybersecurity regulation by failing to implement multi-factor authentication and not implementing equivalent or more secure access controls approved by the company's chief information security officer.
The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a set of regulations from the NYDFS that places cybersecurity requirements on all covered financial institutions. The rules were released on February 16th, 2017, after two rounds of feedback from the industry and the public. These regulations acknowledge the ever-growing threat posed to financial systems by cybercriminals and are designed to ensure businesses effectively protect their customer's confidential information from cyber-attacks. The regulation requires conducting regular security risk assessments, keeping audit trails of asset use, providing defensive infrastructures, maintaining policies and procedures for cybersecurity, and creating an incident response plan.
Here are few essential points to keep in mind about the NYDFS regulations:
The emergence of automated cyberattacks in today's digital environment, driven by what experts call "bad bots", poses a frightening threat to...
In the current context of growing cybersecurity concerns, companies are facing an increasing need to obtain SOC 2 accreditation. But what exactly...
The electric vehicle (EV) sector is undoubtedly rising, representing a significant shift in the automotive landscape. However, amidst the excitement...