Financial Services

The PCI Security Standards Council (SSC) recently compiled some resources on how to create a Culture of Cybersecurity. These resources reflect changes made to the PCI Data Security Standards (DSS) that require executive responsibility for data security. The PCI SSC regularly updates its standards based on feedback from the PCI Council’s more than 700 global participating organizations as well as data breach report findings and industry changes. The most recent release...

The Securities and Exchange Commission (SEC) has just issued its first massive fine for failure to protect consumer data, issuing a civil money penalty against Morgan Stanley.

According to the newly released 2016 Vormetric Data Threat Report, 90% of IT security pros in Financial Services feel vulnerable to a data breach. In addition, 44% of Financial Services organizations experienced a data breach, with 19% in the past year.

Financial services organizations have been facing an increased level of scrutiny in regards to data security. In 2015, both the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) announced a stronger commitment to data protection, including tighter regulations and enforcements, putting added pressure on financial institutions to prove that policies, procedures and technologies are in place to protect data and respond to breaches, should they...

The House Financial Services Committee voted this month, with a strong 46-9 margin, to advance the Data Security Act of 2015 (H.R. 2205), legislation introduced by Reps. Randy Neugebauer and John Carney. HR 2205, modelled on the Gramm-Leach-Bliley Act, would establish data security and breach notification standards for the financial and retail industries.