Alston & Bird Privacy Blog

Kate Hanniford

About Kate Hanniford

Kate Hanniford is a member of the Technology & Privacy Group and Cybersecurity Preparedness & Response Team. She focuses her practice on cybersecurity counseling, as well as federal securities law compliance, enforcement, and litigation.

[Read Bio]

SEC Focused on Protecting Customer Accounts from Credential Stuffing Attacks

By

OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to address the risks associated with credential stuffing and (ii) consider proactive outreach to customers regarding measures taken to safeguard their […]

SEC Creates Event and Emerging Risk Examination Team

By

Following OCIE’s recent and detailed risk alert regarding the threat of ransomware, the SEC today announced that it has created the Event and Emerging Risk Examination Team (EERT) as a part of the Office of Compliance Inspections and Examinations (OCIE).  The EERT will engage with registrants regarding emerging threats and current market events, to provide […]

SEC’s OCIE Issues Ransomware Risk Alert

By

On July 10, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert noting the increasing sophistication of ransomware attacks on SEC registrants and service providers to SEC registrants.  The Risk Alert is notable for its encouragement of financial services market participants more broadly and not just SEC registrants to monitor CISA […]

FTC Cautions Against Biased Outcomes in Use of AI and Algorithms

By

As the healthcare and financial impacts of COVID-19 continue to evolve with the global pandemic, the use of AI technology and associated risks have received greater attention.  On April 8, 2020, the FTC posted an extensive summary of its recent enforcement actions, studies, and guidance regarding the use of AI tools and algorithms.  The summary […]

SEC Releases Detailed Set of “Cybersecurity and Resiliency Observations”

By

On January 28, 2020, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”)  released a detailed set of observations culled from thousands of examinations of registered investment advisers, broker-dealers, clearing agencies, national exchanges, and other SEC registrants (“Observations”).  These Observations represent the most detailed compilation of strategies and tools that OCIE has observed to promote […]