In an unintended consequence of the Securities and Exchange Commission's (SEC) unprecedented rulemaking agenda, a black-hat hacker gang has filed a whistleblower complaint against its victim for not reporting a cybersecurity...more
Continuing its active regulatory agenda, the Securities and Exchange Commission on March 9, 2022, proposed new cybersecurity regulations for reporting public companies. Although couched as a series of “disclosure”...more
3/10/2022
/ Corporate Governance ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Disclosure Requirements ,
Policies and Procedures ,
Proposed Rules ,
Publicly-Traded Companies ,
Regulatory Agenda ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
The regular “Weekly Update” email from the Financial Industry Regulatory Authority (“FINRA”) had an eye-catching warning February 16, urging broker-dealer member firms to heed the “Shields Up” cyber threat warning from the...more
2/17/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Financial Industry Regulatory Authority (FINRA) ,
Financial Institutions ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
New Guidance ,
Personally Identifiable Information ,
Russia ,
Threat Management ,
Vulnerability Assessments
Phishing FINRA -
October is cyber-security awareness month, so it’s only appropriate that FINRA started it with another Regulatory Notice warning member firms to beware of a false-survey phishing scheme. The Notice warns...more
10/8/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Financial Industry Regulatory Authority (FINRA) ,
Hackers ,
Information Technology ,
Office of Foreign Assets Control (OFAC) ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware
FINRA held its bi-annual Cybersecurity Conference in January and recently published five take-away real-world experiences from the conference...more
2/27/2020
/ Anti-Money Laundering ,
C-Suite Executives ,
Consumer Protection Laws ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Security ,
Digital Assets ,
Financial Industry Regulatory Authority (FINRA) ,
Financial Markets ,
FinTech ,
Hackers ,
Information Governance ,
Information Security ,
Information Technology ,
Initial Public Offering (IPO) ,
Liquidity Management ,
MSRB ,
Municipal Advisers ,
OCIE ,
Phishing Scams ,
Popular ,
Regulation BI ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Vulnerability Assessments
Tennessee has joined other states in formally approving lawyers’ cloud-storage of client-confidential data. The Board of Professional Responsibility (“BOPR”) held that lawyers ethically may use cloud storage for...more
9/25/2015
/ American Bar Association (ABA) ,
Banking Sector ,
Banks ,
Breach Notification Rule ,
Bring Your Own Device (BYOD) ,
Client Data ,
Client Services ,
Cloud Computing ,
Compliance ,
Confidential Information ,
Confidentiality Policies ,
Corporate Governance ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Security ,
Due Diligence ,
Ethics ,
Financial Institutions ,
Incident Response Plans ,
Law Practice Management ,
OCIE ,
Personally Identifiable Information ,
Popular ,
Risk Assessment ,
Securities and Exchange Commission (SEC) ,
Third-Party Service Provider
A week after OCIE announced it would conduct a second round of cyber-security exams, the Commission emphasized the issue by bringing an enforcement action against a non-custodial investment-adviser over a remediated data...more
9/25/2015
/ Breach Notification Rule ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Financial Institutions ,
Free Identity Theft Protection ,
Hackers ,
Investment Adviser ,
OCIE ,
Personally Identifiable Information ,
Popular ,
Securities and Exchange Commission (SEC) ,
SIFMA