The Human Element of Cybersecurity
Beginning in 2014, both the Securities Exchange Commission (“SEC”) and FINRA began to examine the heightened risk financial services firms face regarding unauthorized access to the electronic data that these firms routinely maintain as part of their businesses. As part … Read More
Cybersecurity: Importance of Using a Minimum Two-Factor Authentication
Unauthorized Access Cybersecurity is essentially a regime to prevent unauthorized access. Authorized users are authenticated most commonly via a username and password. However, requiring just a password with a username for access is considered a weak protection control. Weak because … Read More
OCIE to Perform Second Round of Cybersecurity Exams
Over the last year, cybersecurity has been a top focus for the Securities and Exchange Commission (“SEC”) prompting them to issue various guidance to financial firms in the way of risk alerts and guidance statements, and to investors via investor … Read More
SEC Fines Firm for Failure to Adopt Cybersecurity Policies and Procedures
Recently the Securities and Exchange Commission (“SEC”) charged a St. Louis Investment adviser that had experienced a breach of client non-public information with failing to create and implement cybersecurity policies and procedures. According to the SEC’s press release, for over … Read More
Cybersecurity Examination Sweep Summary
This week the Office of Compliance Inspections and Examinations (“OCIE”) released its latest Risk Alert: Cybersecurity Examination Sweep Summary. A focused examination of over 100 registered broker-dealers and advisers was conducted to “better understand how broker-dealers and advisers address … Read More
The Big Four: Cybersecurity Tips
It’s no secret that 2014 was the “year of the hacker”. Huge companies like JP Morgan and Apple were the victims of cybersecurity breaches that affected thousands of consumers. In an effort to reduce these attacks, both the Securities … Read More
2015 Compliance Predictions
Happy New Year! With 2014 behind us and 2015 charging full steam ahead, the Core Compliance team wants to share a few of our 2015 compliance predictions. Increase Use of Technology Based on 2014’s results, we believe the Securities and … Read More
SEC Commissioner Addresses Board of Directors’ Cybersecurity Responsibilities
Luis A. Aguilar, a Commissioner of the Securities and Exchange Commission (“SEC”), spoke at the New York Stock Exchange’s Governance Services department “Cyber Risks and the Boardroom” Conference on June 10, 2014. Aguilar spoke regarding the increasing risks associated with … Read More
Risk Management Update Profile – Cybersecurity: Important Considerations for Investment Advisers and Broker-Dealers
Each month, Core Compliance & Legal Services, Inc. (“Core Compliance”) publishes a Risk Management Update (“RMU”), authored by one of our staff members on a current “hot topic” in the securities industry. In late May 2014, Core Compliance’s Lead Managing … Read More