The Reserve Bank of New Zealand has unveiled plans to implement robust cyber reporting rules, following the publication of consultation feedback and decisions on collecting essential data to fortify defenses against cyber threats.
AuditBoard, an established risk, compliance, and audit management platform, has released the results of an extensive study examining the ramifications of the SEC Cybersecurity Disclosure Rules on businesses. Drawing insights from a survey involving over 300 executives and security professionals in North America, the report delves into the profound implications of the new U.S. Securities and Exchange Commission (SEC) cybersecurity disclosure ruling, which took effect on December 15, 2023.
The Federal Trade Commission (FTC) has mandated that software provider Avast pays $16.5 million and cease the sale or licensing of web browsing data for advertising purposes. The settlement comes as a response to charges asserting that Avast, along with its subsidiaries, violated privacy commitments by selling user data despite assuring customers that its products would safeguard them from online tracking.
California Attorney General Rob Bonta revealed a settlement with DoorDash, concluding an investigation that exposed the company's breaches of the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA).
In a recent report by industrial cybersecurity firm Dragos Inc., alarming statistics indicate a 50% increase in ransomware attacks targeting the industrial sector in 2023. The report, titled "The Importance of Industrial Cybersecurity," underscores the critical role cybersecurity plays in safeguarding industrial operations as companies embrace digital transformation.
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), has reached a $4.75 million settlement with Montefiore Medical Center, a non-profit hospital system based in New York City, following an investigation into potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The settlement addresses several data security failures by Montefiore that allowed an employee to steal and sell patients’ protected health information over a six-month period.
In two separate quarterly earnings reports filed with the Securities and Exchange Commission, prominent companies Clorox and Johnson Controls disclosed substantial financial losses attributed to cyberattacks, shedding light on the far-reaching consequences of such incidents on corporate bottom lines.