Cybersecurity Developments: SEC, FINRA, NIST, DOJ/FTC

Apr 24 2014

SEC Launches Cybersecurity Examination Initiative – Promoting Cyber Preparedness

On April 15, 2014 the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert announcing that the agency will be examining 50 registered broker-dealers and investment advisers in order to assess cybersecurity preparedness in the securities industry.1 The announcement was accompanied by a sample request for information and documents. According to OCIE, the examinations will focus on “cybersecurity governance, identification and assessment of cybersecurity risks, protection of networks and information, risks associated with remote customer access and funds transfer requests, risks associated with vendors and other third parties, detection of unauthorized activity, and experiences with certain cybersecurity threats.”

Read More

EmailShare
; ; ; ; ;

Significant Impact of New EU Data Protection Regulation on Financial Services

Apr 18 2014

Global Banking & Finance Review

Over two years ago, in January 2012, the European Parliament published a proposal for an EU Regulation on Data Protection (the Regulation) to replace the current European Data Protection Directive. Whilst the Regulation raises significant issues for all industries, the financial services sector has been particularly concerned given the billions of financial records and transitions handled yearly. Due to its potential impact, the proposed Regulation has been one of the most lobbied pieces of European legislation in European Union history. According to reports, the European Parliament’s Civil Liberties Committee, which has been negotiating the Regulation, has received over 4,000 amendments.

View Article

EmailShare
; ;

European Parliament Votes to Approve New EU Data Protection Regulation and Immediate Suspension of Safe Harbor

Mar 17 2014

The European Parliament has voted in a plenary session on March 12, 2014 to fully endorse the draft EU Data Protection Regulation (the Regulation) and the draft EU resolution calling for the immediate suspension of Safe Harbor (the Resolution), both of which were adopted previously by the European Parliament’s Civil Liberties Committee (the LIBE Committee).

According to the European Commission’s press release “today’s plenary vote means the position of the Parliament is now set in stone and will not change even if the composition of the Parliament changes following the European elections in May.”

Read More

EmailShare
; ; ; ; ; ; ; ; ;

Broker-Dealers Need to Respond to Recent Focus on Cybersecurity Threats

Feb 20 2014

Recent data breaches at retailers like Target have increased awareness about growing cybersecurity threats. Broker-dealers in particular need to reevaluate their own cybersecurity preparedness in light of several recent events:

  1. FINRA’s launch of a cybersecurity sweep, publicly announced on the FINRA website on February 6, 2014;
  2. The inclusion of cybersecurity as a priority in the SEC’s National Examination Program for 2014 and FINRA’s 2014 Annual Regulatory and Examination Priorities Letter;
  3. The White House’s February 12, 2014 release of the much-anticipated Framework for Improving Critical Infrastructure Cybersecurity; and
  4. An upcoming SEC public roundtable on cybersecurity issues, to be held in Washington, DC on March 26, 2014.

Read More

EmailShare
; ; ; ; ; ;

Advisory Guidelines on the Singapore Do Not Call Provisions: The Personal Data Protection Act

Feb 18 2014

On December 26, 2013, Singapore’s Personal Data Protection Commission (the “Commission”) issued advisory guidelines on the “Do Not Call” Provisions (“DNC Guidelines”) of the Personal Data Protection Act 2012 (Act 26 of 2012) (“the Act”). The DNC Guidelines supplement the Commission’s earlier issued Advisory Guidelines1 on the Act. The DNC Provisions came fully into effect on January 2, 2014, and the DNC Guidelines serve to illustrate particular aspects of the DNC Provisions, though “they are not meant to exhaustively address every obligation in the Act.”2

Read More

EmailShare
; ; ; ; ;

White House Releases NIST Cybersecurity Framework

Feb 13 2014

On February 12, the White House released the widely anticipated Framework for Improving Critical Infrastructure Cybersecurity (“the Framework”). Developed pursuant to Executive Order 13636 (issued in February 2013), the Framework strongly encourages companies across the financial, communications, chemical, transportation, healthcare, energy, water, defense, food, agriculture, and other critical infrastructure sectors to implement and comply with its voluntary standards. The provisions set forth in the Framework may establish a new baseline for industry standard practices, and may impact or guide FTC enforcement actions and plaintiff data breach lawsuits.

Read More

EmailShare
; ; ; ; ;
1 85 86 87 88 89 94
EmailShare

Categories

Archives

Contacts


Colleen Theresa Brown
Washington, D.C.
ctbrown@sidley.com


John M. Casanova
Singapore, London
jcasanova@sidley.com


Tomoki Ishiara
Tokyo
tishiara@sidley.com


Richard D. Klingler
Washington, D.C.
rklingler@sidley.com


Linh Lieu
Hong Kong
linh.lieu@sidley.com


William RM Long
London
wlong@sidley.com


Geeta Malhotra
Chicago
gmalhotra@sidley.com


Clayton G. Northouse
Washington, D.C.
cnorthouse@sidley.com


Sujit M. Raman
Washington, D.C.
sujit.raman@sidley.com


Alan Charles Raul
Washington, D.C.
araul@sidley.com


Yuet Ming Tham
Hong Kong
Singapore
yuetming.tham@sidley.com


John K. Van De Weert
Washington, D.C.
jvandeweert@sidley.com

Click here to view all of Sidley's Privacy and Cybersecurity professionals.

To receive email alerts when we post a blog entry, please provide your name and email address.

Upcoming Events

  1. Data Protection in Financial Services Week 2021

    February 1 - February 4

View All Events

Privacy and Cybersecurity Roundtable: Monitor-Side Chat Series
XSLT Plugin by BMI Calculator