The New York State Department of Financial Services announced a USD1 million cybersecurity settlement with First American Title Insurance Company for violating cybersecurity regulation 23 NYCRR Part 500. The DFS claimed First American did not "maintain and implement effective governance and classification, access controls and identity management, and risk assessment policies and procedures" leading to a large-scale data breach in 2019.
New York's DFS announces $1M cybersecurity settlement
Related stories
Notes from the IAPP Canada: Consultation period on CBPR implementation ends 30 June
CPPA Board tees up new consultation on draft ADMT, cybersecurity audit, risk assessment regulations
Ireland's DPC finalizes TikTok decision with potential data transfer ban
A view from DC: Colorado considers re-forging AI guardrails
Biometric promises, regulatory gaps: Why Canada needs a new approach to facial recognition technology
