No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Justice Insiders Podcast - Human Beings: Cybersecurity's Most Fragile Attack Surface
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
2023 DSIR Deeper Dive: How International and Domestic Regulatory Enforcement Spotlights the Information Governance Tensions Between ‘There’ and ‘Here’ and Between ‘Keep’ and ‘Delete’
Marketing Minute with NP Strategy (Video): How to Respond to a Cyber Security Breach
Life With GDPR – Lessons Learned from The Singtel Opus Data Breach
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
2023 DSIR Deeper Dive: State Privacy and Data Collection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 157: Sarah Glover, Maynard Nexsen Cybersecurity Attorney
Overview of Cybersecurity in Government Contracts
Episode 282 -- CISO and CCOs -- The Evolving Partnership
On April 22, 2025, Laura D’Allaird, Chief of the SEC’s Cyber and Emerging Technologies Unit (CETU), participated in the Incident Response Forum Masterclass 2025 (Incident Response Masterclass). In the session, titled “SEC...more
Each month, we publish a roundup of the most important SEC enforcement developments for busy in-house lawyers and compliance professionals. This month, we examine: •The SEC’s case against crypto firm Kraken is permitted to...more
In order to provide an overview for busy in-house counsel and compliance professionals, we summarize below some of the most important SEC enforcement developments from the past month, with links to primary resources. This...more
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules that would require current and periodic reporting of material cybersecurity incidents as well as more detailed disclosure of cybersecurity...more
On February 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed a package of new rules and amendments to enhance cybersecurity preparedness and improve cyber resilience of investment advisers and investment...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed changes to private fund regulation; the Office of the Comptroller of the Currency (OCC) succeeded in validating its “valid-when-made” rulemaking; the...more
Background - On August 30, 2021, the Securities and Exchange Commission (SEC) sanctioned eight firms in three actions for cybersecurity failures in their policies and procedures that exposed the personal information of...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
As publicly reported late last week, the Securities and Exchange Commission’s Division of Enforcement (SEC) sent voluntary requests for information to a range of public companies and investment firms seeking voluntary...more
On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a cybersecurity risk alert highlighting the increased use of “credential stuffing” attacks against investment advisers and...more
The Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) has published a risk alert, warning SEC-registered investment advisers, brokers and dealers about the increasing use of...more
On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting the recent uptick in “credential stuffing” cyber-attacks against SEC-registered investment advisors...more
The SEC's Office of Compliance and Examinations (OCIE) issued a risk alert on July 10th about its observation of an apparent increase in sophistication of ransomware attacks on SEC registrants, including broker-dealers,...more
For the fourth year running, the Securities and Exchange Commission’s Office continues to list cybersecurity as one of the top enforcement priorities for 2019. As it relates to cybersecurity, the SEC will be focusing on...more
In our second installment of a three-part series, we look at the U.S. Securities and Exchange Commission’s cyber-related enforcement actions in 2018....more
The U.S. Securities and Exchange Commission (SEC) recently announced a consent order settling an enforcement action brought by the SEC against Voya Financial Advisors Inc. (VFA) in connection with a data security incident...more
In February 2018 the SEC outlined its views with respect to cybersecurity disclosure requirements under the federal securities laws as they apply to public reporting companies. Set forth below is a checklist of items included...more
On Feb. 21, the Securities and Exchange Commission (SEC) released interpretive guidance on public companies’ disclosure practices regarding cybersecurity breaches and risks to the public....more
The U.S. Securities and Exchange Commission on Feb. 21, 2018, issued interpretive guidance on public company cybersecurity disclosures. The new guidance will affect public companies and companies seeking to go public in...more
In light of the increasing significance of cybersecurity incidents, and their potential impact on a company's operations, on February 21, the Securities and Exchange Commission (SEC) issued guidance to public reporting...more
Here’s the inside scoop on “Sheltered Harbor,” a “doomsday project” from US banks that they hope will “prevent a run on the financial system should one of them suffer a debilitating cyberattack.” The gargantuan voluntary...more
OCIE Highlights Frequent Topics for Compliance Deficiencies for Investment Advisers - On Feb. 7, 2017, the Securities and Exchange Commission’s (SEC’s) Office of Compliance Inspections and Examinations (“OCIE”) published...more
On June 28, 2016, the Securities and Exchange Commission (the “SEC”) released a proposed rule (the “Proposed Rule”) that would require registered investment advisers (“RIAs”) to adopt written business continuity and...more
Cyberattacks are attempts by hackers to damage, destroy and/or steal data from a computer network or system. From 2013 to 2015, more than 153.6 million people had information stolen in cyberattacks involving companies such as...more
Big financial firm stress test results are out from the Fed later today, and though all banks proved up to the task of reserving enough capital (as reported last Friday), the economic downturn simulation that’s part of round...more