Sky Blog
The Securities and Exchange Commission (SEC or Commission) brought over 400 enforcement actions in the first half of fiscal year (FY) 2016, and is on pace to surpass its record of 807 enforcement actions in a single …
A new type of warfare is upon us. In this new mode of war, finance is the most powerful weapon, bullets are not fired, financial institutions are the targets, and almost everyone is at risk. Instead of smart bombs, improvised …
Last week, news emerged that China had hacked the FDIC on several occasions during the past few years. This revelation renews concerns about the security of America’s financial institutions and comes on the heels of the third bank hacking through …
The year 2015 marked the fifth anniversary of passage of the Dodd-Frank Act and, for many private fund managers, the third anniversary of SEC registration under the Investment Advisers Act. The past year also saw a number of notable SEC …
On December 18, 2015, President Obama signed into law the Cybersecurity Act of 2015. The Act, arguably the most significant piece of federal cyber-related legislation enacted to date, establishes a mechanism for cybersecurity information sharing among private‑sector and federal government …
To begin with a tautology, when you buy a company, you buy their data—and the attendant risks to that data. Cybersecurity risks are not limited to consumer-facing businesses, whose recent losses of cardholder or patient data grab news headlines. Indeed, …
On Friday, November 13, Federal Trade Commission (“FTC” or the “Commission”) Chief Administrative Law Judge (“ALJ”) D. Michael Chappell issued an Initial Decision in In the Matter of LabMD, Inc. (FTC Docket No. 9357), dismissing the Commission’s Complaint against LabMD, …
The European Court of Justice (ECJ) followed the core of the Opinion of the Advocate General (AG) (see our Privacy Minute dated October 3, 2015) in Schrems v. Data Protection Commissioner (Case No. C-362/14).
Summary
In sum, the ECJ …
On September 22, 2015, the US Securities and Exchange Commission (“SEC”) brought and settled charges against a registered investment adviser (the “RIA”) for violations of the Gramm-Leach-Bliley Act’s “safeguards rule” adopted under Regulation S-P.1 These violations occurred immediately prior …
From the 2013 Target Corporation breach to this year’s attacks on Primera Blue Cross and American Airlines Group Inc., the issue of cybersecurity has emerged at the forefront of risks to be confronted by corporations across a spectrum of industries.…
The Federal Trade Commission’s longstanding effort to establish itself as the primary federal regulator of cybersecurity survived its first appellate test on Monday when the Third Circuit allowed the FTC to continue pursuing its case against Wyndham Worldwide Corp.[1] The …
On June 30, the Federal Trade Commission (FTC) issued its first guidance document as part of its Start with Security initiative. The initiative, announced by FTC Consumer Protection Director Jessica Rich in March, will initially focus on encouraging small and …
The SEC issued a National Exam Program risk alert summarizing OCIE’s cybersecurity examination sweep of advisers and broker-dealers on February 3, 2015 (SEC Risk Alert). On the same day, FINRA issued its report on cybersecurity practices of broker-dealers, based on …
Despite millions of dollars spent on enhancements, cybersecurity remains the area of risk management with the largest gap between threat and preparedness. As the frequency and sophistication of cyber attacks have increased significantly in recent years, counter measures have failed …
An SEC cybersecurity sweep examination by the SEC’s Office of Compliance Inspections and Examinations (OCIE) found that 88 percent of the broker-dealers (BDs) and 74 percent of the registered investment advisers (RIAs) they visited experienced cyber-attacks directly or indirectly through …