Financial firms, including broker-dealers and registered investment advisers, are at a high risk of cybersecurity attacks primarily because they control both their own data and the sensitive data related to clients.
Cybersecurity: A Question of When, Not If, Your Company will Fall Victim
Feb 20, 2020 1:30:00 PM / by Joot posted in Privacy, Security, Cybersecurity
Overhaul Your Privacy Policy, Part 2: Elements of a good privacy policy
Jan 24, 2020 1:00:00 PM / by Charles Black posted in Privacy, Security, Consumer Protection Act
Like most legal documents, privacy policies are fairly bland , and, let’s be honest, few people read them. But the recent enactment of the California Consumer Protection Act (“CCPA”) has Joot fielding privacy policy questions from clients and service providers alike. In our previous post - Is it time to overhaul your privacy policy and notice? - we discussed whether your firm must comply with the CCPA. Today, we spend some more time focusing on the elements of a good privacy policy.
Is it time to overhaul your privacy policy and notice?
Jan 10, 2020 10:45:00 AM / by Bo J. Howell posted in Privacy, Security, Consumer Protection Act
California recently passed amendments to the California Consumer Protection Act (“CCPA”), which took effect on January 1, 2020! Under the CCPA, investment advisers that are located in or have clients in California may need to update their privacy policy and notices to comply with the new law.
More Summer Reading
Jun 20, 2019 9:28:20 AM / by Bo J. Howell posted in SEC Updates, ETFs, Security
Last week we published an article about the SEC’s most recent cyber examinations and risk alerts. The week before we noted in our curated articles that the SEC is focused on oversight of technology vendors (like us). If you still doubt the SEC’s focus on cybersecurity, it’s time for a reality check.
SEC Cyber-Probe: Round 3
Jun 13, 2019 2:30:00 PM / by Bo J. Howell posted in SEC, Technology, Policies, Security
Recent activity by the Securities and Exchange Commission (“SEC”) highlight its continued focus on cybersecurity. In a Risk Alert issued by the SEC’s Office of Compliance Inspections and Examinations (“OCIE”), the staff highlighted weak controls related to safeguarding customer information in network storage, including third-party providers.
If you hate changing your password, then read this article!
May 30, 2019 8:40:00 AM / by Bo J. Howell posted in Technology, Security
Do you hate changing passwords? [heads nodding] Does it seem like your company forces you to change your password every other week? [heads nodding; tempers rising] Well good news, the National Institute of Standards of Technology (“NIST”) says you don’t need to change your password until it is compromised, which is like saying you don’t need to lock your door until a burglar has robbed you. Now isn’t that nice.