Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

The SEC’s Cybersecurity Enforcement Action: Rulemaking by Enforcement

The Securities and Exchange Commission recently brought an enforcement action against an investment adviser that, like a large number of companies, was the victim of a cyberattack. Although the SEC did not allege that any of the firm’s clients suffered harm, the Commission nonetheless sanctioned the firm for its allegedly unreasonable policies and procedures. In their article for...

SEC Charges Investment Adviser with Failure to Adopt Required Cybersecurity Policies Prior to Breach

On September 22, the Securities and Exchange Commission (SEC) announced that it had entered into a settlement order with R.T. Jones Capital Equities Management, Inc., a St. Louis-based SEC registered investment adviser, for failure to establish required cybersecurity policies and procedures in advance of a breach. As a result of the firm’s failure to adopt reasonable cybersecurity...

U.S. Court of Appeals Upholds FTC’s Authority to Regulate Cybersecurity

Today, the United States Court of Appeals for Third Circuit issued its opinion in FTC v. Wyndham Worldwide Corp. upholding the authority of the Federal Trade Commission to regulate corporate cybersecurity under Section 5(a) of the Federal Trade Commission Act, which prohibits businesses from engaging in “unfair or deceptive acts or practices.” This case was an interlocutory appeal from...

Cybersecurity for Securities Firms: Batten Down the Hatches and Get Your Shark Cage Ready Because “Only the Paranoid Survive.”

Just when you thought it was safe to go back in the water and have a quiet summer, U.S. Securities and Exchange Commission Commissioner Luis Aguilar hoisted the warning flags. At the end of June, he gave a wide-ranging speech addressing a number of cyber-related problems facing the securities industry. In their article for Law360, “Cybersecurity for Brokers: ‘Only the...

FTC Releases Data Security Guidance

The Federal Trade Commission (FTC) has released new guidance for businesses on cybersecurity. The “Start with Security” program is intended to help businesses protect consumer information through best practices for data security. The business guidance outlines 10 recommended steps for effective data security drawn from the FTC’s data breach enforcement cases. The 10 steps include...

FINRA Warns Broker-dealers About Increase in Denial-of-service Attacks

FINRA warned broker-dealers last week that several FINRA members have recently been the victims of distributed denial of service (DDoS) attacks from a criminal group known as DD4BC. (In general terms, a DDoS attack bombards a target website with messages in an effort to make the site unavailable to legitimate users.) According to FINRA, DD4BC first sends its target a ransom request for...

« Older Entries Next Entries »