Cybersecurity

A new SEC enforcement case contains lessons on what not to do if your firm suffers a ransomware attack

"Also concerning is the Commission’s decision to stretch the law to punish a company that was the victim of a cyberattack. While an enforcement action ...

The "threat actor was able to utilize deceptive hacking techniques to install encryption software on certain" of the adviser's "computers (mostly virtual machines) and exfiltrated ...

While this new final rule takes effect Aug. 2, the compliance dates are February 2026 for larger entities and August 2026 for smaller ones

"This disproportionately large penalty for failure to report in a timely manner ... suggests to us that the Commission is more concerned with generating large ...

Washington takes cybersecurity seriously, so managers should take it seriously, too, experts say

Amended Reg S-P would require the customer notice of a breach that would have to be “in writing,” either on paper or electronically

"Under these amendments, covered firms will be required to notify customers of breaches that might put their personal data at risk"

SRO warns of fraudulent e-mails purporting to be from FINRA and using e-mail addresses designed to look like they are those of FINRA execs

Financial services will continue to be hit with the symptoms of the cyber threat, including ransomware, account takeovers, identity theft, and data breaches