Privacy, Cybersecurity, and Regulation S-ID

Home/Privacy, Cybersecurity, and Regulation S-ID

2021 SEC Examination Priorities: What You Should Know

2021 SEC Examination Priorities: What You Should Know WHAT HAPPENED? On March 3, 2021, the Division of Enforcement of the U.S. Securities and Exchange Commission (the Division) released its list of 2021 Examination Priorities. The annual list outlines the regulator’s most pertinent exam initiatives and highlights important areas of [...]

Six New Data Privacy Bills That Could Become Law in 2021

Six New Data Privacy Bills That Could Become Law in 2021 WHAT HAPPENED? State mandated data privacy regulations are constantly evolving to meet the needs of the changing cybersecurity landscape. Staying up to date with these rules is critical to maintaining a compliant and functional cybersecurity program at your [...]

Scam Risks in 2021 and How to Avoid Them

Scam Risks in 2021 and How to Avoid Them Cybercriminals are becoming increasingly sophisticated and continue to find new ways to compromise both individuals’ and firms’ data security. Phishing attacks often use current events or crises to entice users to click infected links, download malicious programs or documents, or provide [...]

2020 Compliance Round Up: The Top 10 Regulatory Headlines for Investment Advisers This Year

2020 Compliance Round-Up: The Top 10 Regulatory Headlines for Investment Advisers This Year WHAT HAPPENED? Amid the unique changes and challenges 2020 has brought, there has been plenty of regulatory news from the U.S. Securities and Exchange Commission and the Office of Compliance Inspections and Examinations (OCIE) in the [...]

OCIE Risk Alert: common compliance program issues

OCIE Risk Alert: common compliance program issues WHAT HAPPENED? On Nov. 19, 2020, the Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) released a Risk Alert outlining common compliance concerns among registered investment advisers. The list was compiled based on recent compliance examinations [...]

Avoid the risk of using common passwords– make your accounts more secure today

Avoid the risk of using common passwords– make your accounts more secure today WHAT HAPPENS IF I USE COMMON PASSWORDS? Your accounts could be vulnerable to a variety of attacks, including password “spray attacks.” Password spray attacks target user accounts by attempting to access hundreds of thousands of accounts [...]

ALERT: Phishing attack posing as FINRA survey

ALERT: Phishing attack posing as FINRA survey WHAT HAPPENED? The Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) was recently made aware of a phishing attempt which could affect broker-dealers, investment advisers, and investment companies. The attack came from bad actors, purporting to [...]

The SEC’s 9 recommendations for avoiding “credential stuffing” attacks

The SEC’s 9 recommendations for avoiding “credential stuffing” attacks WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) released a Risk Alert outlining newly identified cyber-attack threats called “credential stuffing.” Credential stuffing is a type of cyber-attack [...]

How to Identify and Avoid Vishing and Smishing Attacks

How to Identify and Avoid Vishing and Smishing Attacks WHAT HAPPENED? You likely have heard of phishing attacks, a type of social engineering scheme that tricks victims into clicking email links infected with malware, or into giving sensitive information to cybercriminals posing as a credible contact. Sophisticated attackers use [...]

Are your firm’s electronic records secure by SEC standards?

Are your firm’s electronic records secure by SEC standards? WHAT HAPPENED? In recent years, the United States Securities and Exchange Commission has heightened its emphasis on cybersecurity requirements for firms. Routine examinations now often involve in-depth requests for information on firms’ cyber and data security practices, which are areas [...]