Cyber Attacks Data Security

News & Analysis as of

SEC brings first cybersecurity-related enforcement action

The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more

Cybersecurity + Law Enforcement: The Cutting Edge Symposium | Friday, OctobeWU Law | Bristol,r 16, 2015 R Rhode Island

Cybersecurity, encryption, and government surveillance are daily challenges for public officials, corporations, and lawyers. On October 16, the Roger Williams University School of Law will present Cybersecurity and Law...more

A Compilation of Enforcement and Non-Enforcement Actions

Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

Latest NAIC Cybersecurity News

The National Association of Insurance Commissioners has announced three initiatives in furtherance of its goal to address cybersecurity issues faced by insurance companies, their state regulators, and consumers, which it...more

Notifying Parties In Username/Password Breaches . . . It’s Not Just the Law

As we head into the end of 2015, state legislators across the country continue to strengthen, update and, in some instances, broaden the scope of their respective state data breach notification laws. Specifically, many...more

FTC Fines Can Add Salt to a Cybersecurity Wound

Cyberattacks are on the rise—so much that we seem to hear about a high-profile hack more often than it probably rains in most parts of California. Although reputational damage from a cyberattack can be scarring, a recent U.S....more

New Credit Card Security Doesn’t Go Far Enough

Hardly a week goes by without a news report of a new cyberattack. As any consumer affected by fraud knows, the harm is real. The impact on businesses, government, and other targets is also real, and includes monetary harm...more

US-China Cyber Deal Big on Promises, Short on Action

In the aftermath of recent cyberattacks attributed to China’s government and citizens, many observers prepared for a rather uncomfortable state visit by Chinese President Xi Jinping last week. Then, as President Xi began his...more

The Legal Lessons of Data Breaches

Every business would love to find a fortune teller to give it insight into what trends to follow, which risks to take, and when “exposure” will convert to liability. Some clients might say that, unfortunately, their lawyers...more

SEC Penalizes Investment Adviser over Inadequate Cyber-Risk Program Prior to Data Breach

On September 22, the SEC ordered a Missouri-based investment adviser to pay a $75,000 penalty, settling allegations that the investment adviser failed to implement required written cybersecurity policies and procedures prior...more

SEC’s Increased Cybersecurity Enforcement and How to Reduce Your Risks

The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Investment Adviser Settles SEC Charges After Data Breach

Last week, the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for failing to comply with Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a)) (“Safeguards Rule”). The...more

U.S. Attorney General Discusses DOJ’s Global Cybercrime Initiatives at Europol

On September 16, U.S. Attorney General Loretta Lynch addressed the European Cybercrime Center at Europol, where she highlighted recent and planned DOJ initiatives related to global cybercrime and cyber threat efforts and...more

The SEC Charges Investment Adviser with Violating Regulation S-P by Failing to Adopt Cybersecurity Policies and Procedures

In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more

Evolving Litigation of Data Breach Claims

An Illinois circuit court judge has dismissed five of six claims in a consolidated class action against Advocate Health and Hospital Corporation arising from a data breach in July 2013. The judge’s dismissal with prejudice...more

SEC Shows It’s Serious About Cyber Security

A week after OCIE announced it would conduct a second round of cyber-security exams, the Commission emphasized the issue by bringing an enforcement action against a non-custodial investment-adviser over a remediated data...more

Class In Session: Minnesota Federal Court Certifies Class In Target Corporation Data Breach Suit

On September 15, 2015, a federal district court in Minnesota granted a motion for class certification of hundreds of credit unions and banks in an action against Target Corporation for damages stemming from the breach of...more

Senate Legislation Seeks To Protect Taxpayer Data In Response To IRS Data Breach

On September 11, 2015, Senate Finance Committee Chairman Orrin Hatch (R-UT) and Ranking Member Ron Wyden (D-OR) introduced a bill aimed at combating identity theft and tax rebate fraud. The legislation comes as the Internal...more

SEC Releases First Cybersecurity Enforcement Action for Failure to Protect Client Data

The SEC’s focus in the action was not on the manner of the firm’s responses to the breach or whether there was any actual harm, but predominantly on the adequacy of the firm’s written policies for safeguarding customer...more

Just Like Neiman Case, FTC v. Wyndham Decision Not All It’s Cracked Up to Be

Back on July 20 this year, the Seventh Circuit Court of Appeals decided Remijas v. Neiman Marcus, leading a chorus of pundits to declare that case changed everything when it comes to data breach cases, signaling a “new tilt...more

Unprecedented Hacking and Trading Scheme Highlights Key Cybersecurity Lessons

On Aug. 11, 2015, federal prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against nine individuals in the U.S. and Ukraine who were allegedly involved in a five-year,...more

Return of the Cyborg—FTC and SEC Oversight of Cybersecurity Ramps Up

The government appears to be increasing its enforcement efforts regarding cybersecurity risks. A three-judge panel of the U.S Court of Appeals for the Third Circuit recently held the FTC may bring a claim that a company’s...more

SEC Provides Additional Information On Cybersecurity Examinations

On September 15, 2015, the Security and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to provide additional information on the areas of focus for its second round of...more

142 Results
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.