Category

SEC

23 April 2018

An Approach to Cybersecurity Risk Oversight for Corporate Directors

*This article first appeared in In-House Defense Quarterly on April 3, 2018

The growing volume and severity of cyber-attacks directed against public companies has caught the attention of federal regulators and investors. Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal … Read More

EmailShare
02 March 2018

SEC Issues New Guidance on Cybersecurity Disclosure Requirements

On February 21, 2018, the U.S. Securities and Exchange Commission issued interpretive guidance (the Guidance) to assist public companies in drafting their cybersecuritydisclosures in SEC filings. See 83 FR 8166 (Feb. 26, 2018). In his public statement accompanying the issuance of this guidance, SEC Chairman Jay Clayton said he believed … Read More

EmailShare
19 February 2018

Cybersecurity Identified as an SEC OCIE Examination Priority for 2018

On February 7, 2018, the SEC’s Office of Compliance Inspections and Examinations (OCIE) released its 2018 National Exam Program Examination Priorities (2018 Exam Priorities) and, once again, identified cybersecurity as one of its main areas of focus.  According to OCIE, each of its examination programs will prioritize cybersecurity. The 2018 … Read More

EmailShare
13 February 2018

SEC Office of Compliance Inspections and Examinations Publishes 2018 Exam Priorities

On February 7, 2018, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (the Commission) released its annual National Exam Program Examination Priorities (Exam Priorities).1 As has been widely reported, the Exam Priorities’ general focus areas include:

  • retail investors
  • compliance and risks in
Read More
EmailShare
02 January 2018

Privacy and Cybersecurity Top 10 for 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. We expect each of these trends to continue in 2018.

As we begin this New Year, here is list … Read More

EmailShare
16 August 2017

SEC’s OCIE Cybersecurity Risk Alert Announces Cybersecurity 2 Observations

On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a cybersecurity Risk Alert summarizing its observations from its second cybersecurity survey of financial services firms.  Overall, OCIE observed increased cybersecurity preparedness since its first 2014 “Cybersecurity 1” Initiative, but also the SEC noted a number … Read More

EmailShare
19 May 2017

SEC Issues “WannaCry” Ransomware Alert to Broker-Dealers and Investment Companies

On May 17, 2017, the SEC’s Office of Compliance Inspections and Enforcement (OCIE) issued a cybersecurity alert to the securities firms it regulates. OCIE advised broker-dealers and investment companies to take certain actions in connection with the recent WannaCry and Wanna Decryptor ransomware attacks that affected numerous organizations in over … Read More

EmailShare
24 February 2017

New NACD Cyber-Risk Handbook a Reminder of Critical Board Oversight Duties

*This article first appeared in Bloomberg BNA Corporate Law & Accountability Report on February 23, 2017

On Jan. 12, 2017, the National Association of Corporate Directors (NACD) released its new “NACD Director’s Handbook on Cyber-Risk Oversight.” The NACD has suggested that directors can use this Cyber-Risk Oversight Handbook … Read More

EmailShare
13 June 2016

SEC Interest in Cybersecurity Continues; Chair Views Cybersecurity as Biggest Risk to the Financial System

Securities and Exchange Commission Chair Mary Jo White emphasized the agency’s focus on cybersecurity preparedness and response at a conference in Washington, D.C. in mid May, stating “we can’t do enough in this sector.”  Reuters reports that Chair White views cybersecurity as the biggest risk facing the financial system, quoting … Read More

EmailShare
11 January 2016

Top Ten Data Protection and Privacy Issues to Watch in 2016

*This post originally appeared in Law360 on January 7, 2016.

While 2015 was a big year in data, 2016 may prove to be even bigger.  Many hot button and game changing topics are being debated in legislative bodies and campaign trails, regulators are focused, and privacy-related litigation continues to rise. … Read More

EmailShare
XSLT Plugin by BMI Calculator