Privacy, Cybersecurity, and Regulation S-ID

Home/Privacy, Cybersecurity, and Regulation S-ID

Scam Risks in 2021 and How to Avoid Them

Scam Risks in 2021 and How to Avoid Them Cybercriminals are becoming increasingly sophisticated and continue to find new ways to compromise both individuals’ and firms’ data security. Phishing attacks often use current events or crises to entice users to click infected links, download malicious programs or documents, or provide [...]

2020 Compliance Round Up: The Top 10 Regulatory Headlines for Investment Advisers This Year

2020 Compliance Round-Up: The Top 10 Regulatory Headlines for Investment Advisers This Year WHAT HAPPENED? Amid the unique changes and challenges 2020 has brought, there has been plenty of regulatory news from the U.S. Securities and Exchange Commission and the Office of Compliance Inspections and Examinations (OCIE) in the [...]

OCIE Risk Alert: common compliance program issues

OCIE Risk Alert: common compliance program issues WHAT HAPPENED? On Nov. 19, 2020, the Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) released a Risk Alert outlining common compliance concerns among registered investment advisers. The list was compiled based on recent compliance examinations [...]

Avoid the risk of using common passwords– make your accounts more secure today

Avoid the risk of using common passwords– make your accounts more secure today WHAT HAPPENS IF I USE COMMON PASSWORDS? Your accounts could be vulnerable to a variety of attacks, including password “spray attacks.” Password spray attacks target user accounts by attempting to access hundreds of thousands of accounts [...]

ALERT: Phishing attack posing as FINRA survey

ALERT: Phishing attack posing as FINRA survey WHAT HAPPENED? The Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) was recently made aware of a phishing attempt which could affect broker-dealers, investment advisers, and investment companies. The attack came from bad actors, purporting to [...]

The SEC’s 9 recommendations for avoiding “credential stuffing” attacks

The SEC’s 9 recommendations for avoiding “credential stuffing” attacks WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) released a Risk Alert outlining newly identified cyber-attack threats called “credential stuffing.” Credential stuffing is a type of cyber-attack [...]

How to Identify and Avoid Vishing and Smishing Attacks

How to Identify and Avoid Vishing and Smishing Attacks WHAT HAPPENED? You likely have heard of phishing attacks, a type of social engineering scheme that tricks victims into clicking email links infected with malware, or into giving sensitive information to cybercriminals posing as a credible contact. Sophisticated attackers use [...]

Are your firm’s electronic records secure by SEC standards?

Are your firm’s electronic records secure by SEC standards? WHAT HAPPENED? In recent years, the United States Securities and Exchange Commission has heightened its emphasis on cybersecurity requirements for firms. Routine examinations now often involve in-depth requests for information on firms’ cyber and data security practices, which are areas [...]

Newly Identified Compliance Risks Due to COVID-19: What You Should Know

Newly Identified Compliance Risks Due to COVID-19: What You Should Know WHAT HAPPENED? Last week, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines new compliance risks stemming from the global pandemic. The SEC and OCIE have remained [...]

Are You Taking Steps To Avoid Ransomware Attacks?

Are You Taking Steps To Avoid Ransomware Attacks? WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines best practices for maintaining a secure network; the United States Cybersecurity and Infrastructure Agency [...]