What Funds Can Take Away From SEC Cybersecurity Guidance
Posted on May 11, 2015 in Uncategorized | Comments Off on What Funds Can Take Away From SEC Cybersecurity Guidance
In late April 2015, the U.S. Securities and Exchange Commission responded to the heightened risk of data breaches at the entities it regulates by issuing prescriptive guidance on cybersecurity for all investment advisers and registered investment companies, including mutual funds, insurance separate accounts and business development companies (funds). In her article for Law360,...
DOJ Publishes Cyberincident Response Best Practices Document
Posted on May 5, 2015 in Uncategorized | Comments Off on DOJ Publishes Cyberincident Response Best Practices Document
The Cybersecurity Unit of the Department of Justice (DOJ) has published a “best practices” document to assist organizations in developing a response plan for cyberincidents. The document, titled Best Practices for Victim Response and Reporting of Cyber Incidents, focuses on steps organizations should take before, during and after a cyberincident and emphasizes the need for...
SEC Updates Guidance on Cybersecurity
Posted on Apr 30, 2015 in Uncategorized | Comments Off on SEC Updates Guidance on Cybersecurity
Emphasizing the critical importance of cybersecurity to registered investment companies (RICs), including insurance separate accounts and business development companies, and to investment advisers, the SEC’s Division of Investment Management issued new Cybersecurity Guidance on April 28, 2015. As RICs and advisers become ever more dependent on information technology to conduct their...
SEC and FINRA Exam Priorities
Posted on Feb 3, 2015 in Uncategorized | Comments Off on SEC and FINRA Exam Priorities
In their recent examination priorities letters, both the SEC and FINRA highlighted cybersecurity as an area of focus for 2015 exams. In the SEC letter, the Office of Compliance Inspections and Examinations (OCIE) explained that it will continue its 2014 initiative to examine broker-dealers’ and investment advisers’ cybersecurity compliance and controls, and also plans to expand the...
USPS Report on NCOA’s Change of Address Procedures Finds Inadequate Protection of Customer Information
Posted on Jan 25, 2015 in Uncategorized | Comments Off on USPS Report on NCOA’s Change of Address Procedures Finds Inadequate Protection of Customer Information
In September 2014, a report of the United States Postal Service’s (USPS) Office of Inspector General (OIG) found that the security controls used by the National Change of Address Program (the NCOA Program) do not sufficiently protect the confidentiality and integrity of customer information. In particular, inadequate data protection by the NCOA Program’s National Change of Address...
Subscribe
FEATURED
Check out the BreachLawWATCH app which allows easy access to data breach statutes across the United States and a growing number of jurisdictions.
Video: As the challenges cybersecurity and data privacy present are often global
