IT Security & Privacy

New York has taken a decisive step in strengthening its cybersecurity regulations, adding stricter requirements that surpass recent federal rules. The New York State Department of Financial Services (DFS), responsible for overseeing various financial institutions, has introduced these enhanced cybersecurity regulations in response to the growing threat of cyberattacks, emphasizing the need for more robust protections.

The Dutch consumer watchdog, the Netherlands’ Authority for Consumers and Markets (ACM), is challenging the fees imposed by Apple on dating app providers in the Netherlands. This move is part of the ongoing case against the tech giant concerning the dominance of its app store. While the dispute currently pertains to dating apps within the Netherlands, it is perceived as potentially setting a precedent for similar cases worldwide.

The Federal Trade Commission (FTC) has recently given its approval to a pivotal amendment to the Safeguards Rule, extending the requirement for non-banking financial institutions to report specific data breaches and security incidents to the agency.

The French Data Protection Authority (CNIL) has imposed a fine of 600,000 euros on GROUPE CANAL+, a prominent producer and distributor of pay television offers, for multiple violations of the General Data Protection Regulation (GDPR) and the French Post and Electronic Communications Code (CPCE). The fine comes as a result of various breaches, particularly in terms of commercial prospecting and individual rights.

Okta, a leading security technology provider for various organizations, has recently revealed that one of its customer service tools was compromised in a security breach. The hacker leveraged stolen credentials to access the company's support case management system and view files uploaded by certain customers. Okta's Chief Security Officer, David Bradbury, disclosed this breach in a securities filing. Fortunately, Okta emphasized that the affected system is distinct from its primary client platform, which remained secure.

The U.S. government's federal chief information security officer, Chris DeRusha, has cautioned federal agencies to exercise prudence when delving into the realm of generative artificial intelligence (AI). Speaking at a FAIR Institute conference of cybersecurity and risk managers, DeRusha emphasized the need to address risks associated with this technology before wholeheartedly embracing it.

As technology weaves itself into the fabric of modern business operations, the ever-evolving landscape of risks poses an ongoing challenge. The findings of the 11th annual Global Technology Audit Risks Survey, conducted by Protiviti in collaboration with The Institute of Internal Auditors (IIA), shed light on the pressing concerns occupying the minds of IT auditors and technology professionals.