Cybersecurity: A Question of When, Not If, Your Company will Fall Victim

Feb 20, 2020 1:30:00 PM / by Joot posted in Privacy, Security, Cybersecurity

Financial firms, including broker-dealers and registered investment advisers, are at a high risk of cybersecurity attacks primarily because they control both their own data and the sensitive data related to clients.

Read More

Overhaul Your Privacy Policy, Part 2: Elements of a good privacy policy

Jan 24, 2020 1:00:00 PM / by Charles Black posted in Privacy, Security, Consumer Protection Act

Like most legal documents, privacy policies are fairly bland , and, let’s be honest, few people read them. But the recent enactment of the California Consumer Protection Act (“CCPA”) has Joot fielding privacy policy questions from clients and service providers alike. In our previous post - Is it time to overhaul your privacy policy and notice? - we discussed whether your firm must comply with the CCPA. Today, we spend some more time focusing on the elements of a good privacy policy.

Read More

Is it time to overhaul your privacy policy and notice?

Jan 10, 2020 10:45:00 AM / by Bo J. Howell posted in Privacy, Security, Consumer Protection Act

California recently passed amendments to the California Consumer Protection Act (“CCPA”), which took effect on January 1, 2020! Under the CCPA, investment advisers that are located in or have clients in California may need to update their privacy policy and notices to comply with the new law.

Read More

More Summer Reading

Jun 20, 2019 9:28:20 AM / by Bo J. Howell posted in SEC Updates, ETFs, Security

Last week we published an article about the SEC’s most recent cyber examinations and risk alerts. The week before we noted in our curated articles that the SEC is focused on oversight of technology vendors (like us).  If you still doubt the SEC’s focus on cybersecurity, it’s time for a reality check.

Read More

SEC Cyber-Probe: Round 3

Jun 13, 2019 2:30:00 PM / by Bo J. Howell posted in SEC, Technology, Policies, Security

Recent activity by the Securities and Exchange Commission (“SEC”) highlight its continued focus on cybersecurity. In a Risk Alert issued by the SEC’s Office of Compliance Inspections and Examinations (“OCIE”), the staff highlighted weak controls related to safeguarding customer information in network storage, including third-party providers.

Read More

If you hate changing your password, then read this article!

May 30, 2019 8:40:00 AM / by Bo J. Howell posted in Technology, Security

Do you hate changing passwords? [heads nodding] Does it seem like your company forces you to change your password every other week? [heads nodding; tempers rising] Well good news, the National Institute of Standards of Technology (“NIST”) says you don’t need to change your password until it is compromised, which is like saying you don’t need to lock your door until a burglar has robbed you. Now isn’t that nice.

Read More

Subscribe to Email Updates