OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to address the risks associated with credential stuffing and (ii) consider proactive outreach to customers regarding measures taken to safeguard their […]
Search Results for: ransomware
EU Announces First Sanctions under EU Cyber Sanctions Regime
On July 30, 2020, the European Council announced sanctions against six individuals and three organizations for their involvement in a series of cyber-attacks that have caused significant damage in the EU and around the world over the last several years. The announcement follows the EU’s adoption last year of Decision (CFSP) 2019/797, which established the […]
SEC Creates Event and Emerging Risk Examination Team
Following OCIE’s recent and detailed risk alert regarding the threat of ransomware, the SEC today announced that it has created the Event and Emerging Risk Examination Team (EERT) as a part of the Office of Compliance Inspections and Examinations (OCIE). The EERT will engage with registrants regarding emerging threats and current market events, to provide […]
FBI Releases IC3 2019 Internet Crime Report
The FBI’s Internet Crime Complaint Center (“IC3”) has released its 2019 Internet Crime Report (“Report”) on trends and statistics of suspected cybercrimes from 2019. The Report gathers data from 467,361 complaints, an increase from prior years, with dramatic losses in excess of $3.5 billion. In addition to an explanation of the IC3’s history and operations, […]
SEC Releases Detailed Set of “Cybersecurity and Resiliency Observations”
On January 28, 2020, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) released a detailed set of observations culled from thousands of examinations of registered investment advisers, broker-dealers, clearing agencies, national exchanges, and other SEC registrants (“Observations”). These Observations represent the most detailed compilation of strategies and tools that OCIE has observed to promote […]