Privacy, Cybersecurity, and Regulation S-ID

Home/Privacy, Cybersecurity, and Regulation S-ID

SEC Risk Alert on Prevention of Identity Theft and Reg S-ID

SEC Risk Alert on Prevention of Identity Theft and Reg S-ID What happened? The Division of Examinations (“EXAMS”) issued a Risk Alert to assist firms with identity theft prevention programs required under Regulation S-ID. Financial institutions (including broker-dealers and registered investment advisors) must determine whether they offer “covered accounts” [...]

Be Alert as Ransomware Conti-nues to Take Over

Be Alert as Ransomware Conti-nues to Take Over WHAT HAPPENED? The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have seen Conti ransomware used in more than 400 attacks on U.S. and international organizations. Typically, Conti ransomware attacks are malicious in nature and occur when a bad actor intends to steal [...]

By | 2022-07-28T11:26:06-04:00 Oct 5th, 2021|Privacy, Cybersecurity, and Regulation S-ID|

Cybersecurity and ESG Proposals Are on the Horizon: Key Takeaways from SEC Chair’s Senate Testimony

Cybersecurity and ESG Proposals Are on the Horizon: Key Takeaways from SEC Chair’s Senate Testimony WHAT HAPPENED? Before the Senate Banking Committee on September 14th, SEC Chair, Gary Gensler, indicated that numerous rules related to cybersecurity and climate risk, among others are in the works. Even though this is the first time the [...]

By | 2022-07-28T16:56:12-04:00 Sep 16th, 2021|Privacy, Cybersecurity, and Regulation S-ID|

ALERT: Phishing Attack Posing as FINRA Request

ALERT: Phishing Attack Posing as FINRA Request WHAT HAPPENED? Broker-dealers, investment advisers, and investment companies could be affected by a new phishing campaign. This is similar to the FINRA survey phishing campaign that occurred in October 2020.The attack is originating from bad actors, purporting to be the Financial Industry Regulatory Authority (FINRA) [...]

By | 2022-07-28T11:33:40-04:00 Sep 8th, 2021|Privacy, Cybersecurity, and Regulation S-ID|

SEC Cybersecurity Sanctions: Your Firm Could Be Next

SEC Cybersecurity Sanctions: Your Firm Could Be Next WHAT HAPPENED? On August 30th, the SEC sanctioned eight firms in three actions for failures in cybersecurity policies and procedures. The investigations revealed: Among the eight firms, nearly 200 cloud-based email accounts of firm personnel, representatives, and financial advisors were taken over by unauthorized [...]

By | 2022-07-28T11:35:59-04:00 Sep 3rd, 2021|Privacy, Cybersecurity, and Regulation S-ID|

The SEC’s Latest Exam and Request List Trends

The SEC’s Latest Exam and Request List Trends WHAT HAPPENED? With new SEC leadership in place, including Chairman Gary Gensler and Director of Enforcement Gurbir Grewal, the Commission’s examination trends continue to evolve. Some focus areas, like cybersecurity and business continuity, are more relevant than ever with the changes [...]

SEC Cybersecurity Sweep Exams? Here is what you need to know.

SEC Cybersecurity Sweep Exams? Here is what you need to know. WHAT HAPPENED? Recently, there has been an increase in SEC Exam requests related to cybersecurity. Although the SEC has not yet announced a sweep exam, there appears to be a cybersecurity exam initiative underway. This is likely due [...]

2021 SEC Examination Priorities: What You Should Know

2021 SEC Examination Priorities: What You Should Know WHAT HAPPENED? On March 3, 2021, the Division of Enforcement of the U.S. Securities and Exchange Commission (the Division) released its list of 2021 Examination Priorities. The annual list outlines the regulator’s most pertinent exam initiatives and highlights important areas of [...]

Six New Data Privacy Bills That Could Become Law in 2021

Six New Data Privacy Bills That Could Become Law in 2021 WHAT HAPPENED? State mandated data privacy regulations are constantly evolving to meet the needs of the changing cybersecurity landscape. Staying up to date with these rules is critical to maintaining a compliant and functional cybersecurity program at your [...]

Scam Risks in 2021 and How to Avoid Them

Scam Risks in 2021 and How to Avoid Them Cybercriminals are becoming increasingly sophisticated and continue to find new ways to compromise both individuals’ and firms’ data security. Phishing attacks often use current events or crises to entice users to click infected links, download malicious programs or documents, or provide [...]