The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
The SEC Division of Examinations recently published a risk alert summarizing observations from exams of registered investment advisers and broker-dealers related to compliance with Reg. S-ID, which is generally designed to...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
The Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) has published a risk alert, warning SEC-registered investment advisers, brokers and dealers about the increasing use of...more
The Risk Alert makes clear that OCIE has observed an increase in the frequency of credential stuffing attacks against Registrants, including some successful credential stuffing attacks that resulted in the loss of customer...more
On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting the recent uptick in “credential stuffing” cyber-attacks against SEC-registered investment advisors...more
On August 12, 2020, the SEC Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert that identifies potential issues related to the COVID-19 pandemic for SEC-registered investment advisers and...more
The staff of the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (staff) issued a National Exam Program Risk Alert on August 12, 2020 (Risk Alert). The Risk Alert is intended to share...more
- The OCIE of the SEC highlights that responses to COVID-19 present important regulatory and compliance issues for SEC registrants, including “heightened risks of misconduct” tied to recent market volatility. - The Risk...more
With more people working remotely than ever before in light of COVID-19, firms in the private equity and hedge fund space should review their Regulation S-P privacy and information-safeguarding policies to ensure they are...more
Background - On January 27, 2020, the U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations ("OCIE") published its Cybersecurity and Resiliency Observations. Cybersecurity and data...more
In view of Iran’s vows to retaliate against the United States for the death of Quassem Soleimani, the NYDFS has issued an industry letter to all regulated entities regarding the need for heightened cybersecurity precautions....more
SEC Tells Firms to Stop Missing the Basics on Cybersecurity - The SEC’s Office of Compliance Inspections and Examinations (OCIE) reported in a recent Risk Alert that many investment advisers and broker-dealers are failing to...more
The SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a risk alert warning that investment advisers and broker-dealers “[do] not always use the available security features” on various network storage...more
The SEC recently issued a risk alert warning about using vendors and cloud-based platforms. Many broker dealers and investment advisors are turning to these third parties to store customer data. In its alert, the SEC’s Office...more
• On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its observations in past examinations of weaknesses and best practices...more
On May 23, 2019, the United States Securities and Exchange Commission (“SEC”)’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert entitled “Safeguarding Customer Records and Information in Network...more
It should not be surprising to anyone that cybersecurity and data protection remain top priorities for regulators of the financial services industry. Indeed, cybersecurity has been regularly identified as a key priority by...more
On April 16, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert summarizing numerous issues it found in its recent examinations of SEC-registered...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
The SEC’s Office of Compliance Inspections and Examinations (OCIE) published a risk alert to encourage registrants to review their privacy policies in light of certain deficiencies observed by OCIE staff during recent...more
Earlier this month, the Securities and Exchange Commission (“SEC”) took a break from its recent focus on digital assets and the Best Interest fiduciary standard to publish a Risk Alert encouraging investment advisers and...more
The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections and Examinations...more
On April 16, the SEC's Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert outlining issues related to compliance with Regulation S-P that it identified in its inspections of SEC-registered...more
On April 16, 2019, the SEC's Office of Compliance Inspections and Examinations ("OCIE") issued a Risk Alert, based on compliance issues identified in recent examinations of investment advisers registered with the SEC and...more
The SEC has again signaled that now is the time for investment advisers and broker-dealers to get serious about compliance with Reg. S-P. For years, the SEC’s examination priorities have included a focus on cybersecurity...more