In an unintended consequence of the Securities and Exchange Commission's (SEC) unprecedented rulemaking agenda, a black-hat hacker gang has filed a whistleblower complaint against its victim for not reporting a cybersecurity...more
On March 31, 2022, the Securities Industry and Financial Markets Association (“SIFMA”) released its after-action report on Quantum Dawn VI – a global financial-markets cybersecurity exercise....more
The regular “Weekly Update” email from the Financial Industry Regulatory Authority (“FINRA”) had an eye-catching warning February 16, urging broker-dealer member firms to heed the “Shields Up” cyber threat warning from the...more
2/17/2022
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Financial Industry Regulatory Authority (FINRA) ,
Financial Institutions ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
New Guidance ,
Personally Identifiable Information ,
Russia ,
Threat Management ,
Vulnerability Assessments
On March 4, FINRA issued a Regulatory Notice warning member firms not to fall for phishing scam preying on compliance fears. The scam uses a phony email address, supports@finra-online.com, demanding an immediate response to...more
Phishing FINRA -
October is cyber-security awareness month, so it’s only appropriate that FINRA started it with another Regulatory Notice warning member firms to beware of a false-survey phishing scheme. The Notice warns...more
10/8/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Financial Industry Regulatory Authority (FINRA) ,
Hackers ,
Information Technology ,
Office of Foreign Assets Control (OFAC) ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware
A week after OCIE announced it would conduct a second round of cyber-security exams, the Commission emphasized the issue by bringing an enforcement action against a non-custodial investment-adviser over a remediated data...more
9/25/2015
/ Breach Notification Rule ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Financial Institutions ,
Free Identity Theft Protection ,
Hackers ,
Investment Adviser ,
OCIE ,
Personally Identifiable Information ,
Popular ,
Securities and Exchange Commission (SEC) ,
SIFMA
This week the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced a second-round of cybersecurity examinations, continuing its initiatives on the issue. The move follows the SEC’s: March 2014 roundtable...more
9/17/2015
/ Bring Your Own Device (BYOD) ,
Compliance ,
Corporate Governance ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Due Diligence ,
Financial Institutions ,
Financial Markets ,
Incident Response Plans ,
Loss Prevention ,
OCIE ,
Risk Assessment ,
Securities and Exchange Commission (SEC) ,
SIFMA ,
Third-Party Service Provider
Reacting in part to recent data-breaches and cyber-attacks on larger retailers, the Financial Industry Regulatory Authority (“FINRA”) is conducting a targeted examination of some 20 broker-dealer member firms’ compliance and...more