The SEC is Afraid. Are You? Painful Cyber-Realities and 5 Offensive Measures for the CCO For several years, we have steered clear of fear and doubt-based incentives for practicing good IT security. As the Head of the Division of Investment Management noted in a speech yesterday, the unfortunate reality is that there [...]
Strong Passwords and SEC Enforcement Enforcements pertaining to passwords? There’s only been one cybersecurity enforcement and it pertained to a lack of policy and procedure, right? (We’re referring here to R.T. Jones) Wrong. In 2008 LPL Financial Corporation was enforced for willfully violating Rule 30(a), “The Safeguards Rule,” by having insufficient security [...]
Managing Vulnerabilities In Your Office As part of its second cybersecurity sweep, the SEC is asking advisers and broker dealers about their vulnerability management process. When a regulator starts asking about vulnerability management, the first thought most people have is pointing to vulnerability scanning as we have written about in previous posts. [...]