Cybercriminals are co-opting the identities of legitimate US financial advisers to use them as fodder for relationship scams (aka "pig butchering"), which end with the theft of investments.
Read MoreYou may not have thought about working from home before the pandemic hit. In fact, 47% of people in the United States said they never worked remotely before COVID-19, and only 17% did so five days a week. But now, 44% of the same population work from home throughout the week. While this flexibility likely eases the strain on them, their employers must have an even greater focus on cybersecurity.
How can IT teams and cybersecurity professionals uphold the digital safety of multiple remote workers? Read on for the specific difficulties of incident response at a distance and strategies for managing them.
Read MoreOn December 5, 2022, the Division of Examinations of the Securities and Exchange Commission (SEC) released a Risk Alert discussing its observations on Regulation S-ID (Reg. S-ID) from recent examinations of SEC-registered investment advisers and broker-dealers. Reg. S-ID, the SEC’s implementation of the identity theft red flags rule, requires SEC-regulated financial institutions and creditors to develop and implement an identity theft prevention program (Program) with written policies and procedures that are updated periodically. The requirements for the Program are outlined in the text of Reg. S-ID, and there are guidelines in Appendix A to assist firms in creating and maintaining a compliant Program. As Reg. S-ID applies to both SEC and Commodity Futures Trading Commission-regulated entities, financial institutions and creditors should consider their compliance programs accordingly.
Read MoreThe Biden Administration released its Fall 2022 regulatory agenda on Jan. 4, 2023, to outline regulations aimed at cybersecurity requirements for government contractors, the maritime industry, public companies and others.
Read MoreAdditional Requirements to Go Into Effect June 9, 2023
Read MoreAs the name suggests, the purpose of the Federal Trade Commission’s Standards for Safeguarding Customer Information – the Safeguards Rule, for short – is to ensure that entities covered by the Rule maintain safeguards to protect the security of customer information. The Safeguards Rule took effect in 2003, but after public comment, the FTC amended it in 2021 to make sure the Rule keeps pace with current technology. While preserving the flexibility of the original Safeguards Rule, the revised Rule provides more concrete guidance for businesses. It reflects core data security principles that all covered companies need to implement.
Read MoreIn 2021, the number of cyberattacks and data breaches in the U.S. increased by 15.1% from the previous year. And the cost of being victimized by cybercrime rose, as well. According to a study by IBM, on average, a single data breach in the U.S. costs a business $9.44 million.
Read MoreOnline attacks aimed at the financial system are a top concern for regulators, and small advisory firms aren’t immune to the trend, an SEC official warned Wednesday.
Read More