Privacy, Cybersecurity, and Regulation S-ID

Home/Privacy, Cybersecurity, and Regulation S-ID

OCIE Risk Alert: common compliance program issues

OCIE Risk Alert: common compliance program issues WHAT HAPPENED? On Nov. 19, 2020, the Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) released a Risk Alert outlining common compliance concerns among registered investment advisers. The list was compiled based on recent compliance examinations [...]

Avoid the risk of using common passwords– make your accounts more secure today

Avoid the risk of using common passwords– make your accounts more secure today WHAT HAPPENS IF I USE COMMON PASSWORDS? Your accounts could be vulnerable to a variety of attacks, including password “spray attacks.” Password spray attacks target user accounts by attempting to access hundreds of thousands of accounts [...]

ALERT: Phishing attack posing as FINRA survey

ALERT: Phishing attack posing as FINRA survey WHAT HAPPENED? The Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) was recently made aware of a phishing attempt which could affect broker-dealers, investment advisers, and investment companies. The attack came from bad actors, purporting to [...]

The SEC’s 9 recommendations for avoiding “credential stuffing” attacks

The SEC’s 9 recommendations for avoiding “credential stuffing” attacks WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) released a Risk Alert outlining newly identified cyber-attack threats called “credential stuffing.” Credential stuffing is a type of cyber-attack [...]

How to Identify and Avoid Vishing and Smishing Attacks

How to Identify and Avoid Vishing and Smishing Attacks WHAT HAPPENED? You likely have heard of phishing attacks, a type of social engineering scheme that tricks victims into clicking email links infected with malware, or into giving sensitive information to cybercriminals posing as a credible contact. Sophisticated attackers use [...]

Are your firm’s electronic records secure by SEC standards?

Are your firm’s electronic records secure by SEC standards? WHAT HAPPENED? In recent years, the United States Securities and Exchange Commission has heightened its emphasis on cybersecurity requirements for firms. Routine examinations now often involve in-depth requests for information on firms’ cyber and data security practices, which are areas [...]

Newly Identified Compliance Risks Due to COVID-19: What You Should Know

Newly Identified Compliance Risks Due to COVID-19: What You Should Know WHAT HAPPENED? Last week, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines new compliance risks stemming from the global pandemic. The SEC and OCIE have remained [...]

Are You Taking Steps To Avoid Ransomware Attacks?

Are You Taking Steps To Avoid Ransomware Attacks? WHAT HAPPENED? Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines best practices for maintaining a secure network; the United States Cybersecurity and Infrastructure Agency [...]

New Security Feature for Web CRD and IARD Systems

New Security Feature for Web CRD and IARD Systems WHAT HAPPENED? For Super Account Administrators (SAAs) and Account Administrators (AAs) on FINRA’s Web CRD or IARD platforms, a new security feature is now required as part of the login process. For these administrators, FINRA is phasing in a multi-factor [...]

Six Ways to Help Protect Your Firm from a Cybersecurity Breach

Six Ways to Help Protect Your Firm from a Cybersecurity Breach WHAT HAPPENED? As the COVID-19 pandemic has changed how most industries are conducting business, one of the biggest challenges is the transition to working from home. Many people are using their personal devices for work, often on an [...]