Tag Archives: cyber security

SEC Urges Investment Firms to Better Prepare for Ransomware Attacks

On May 17, 2017, the SEC’s Office of Compliance Inspection and Examination (“OCIE”) issued a risk alert urging broker-dealers, investment advisors and investment companies to safeguard themselves against ransomware in light of the recent global “WannaCry” ransomware attack that impacted entities in over one hundred countries, including Britain’s health system and major companies such as … Continue Reading

Settlement in Home Depot Class Action Provides Data Security Corporate Governance Framework for Companies

The latest settlement in Home Depot’s data breach litigation provides a data security framework for corporate governance that may be used by other companies as a template.  Based on claims arising from a massive data breach in 2014 involving 56 million credit cards, Home Depot Inc. recently settled both a shareholder derivative action and a class … Continue Reading

SEC Hints that Enforcement Actions on Lax Cybersecurity Might Be Coming

With the confirmation of Jay Clayton as the Chair of the Securities and Exchange Commission, comments made last month by the Acting Enforcement Director, Stephanie Avakian, regarding the importance of accurate reporting in the area of cybersecurity, and consequences of inaccurate reporting, may get lost.  At a speech last month, Ms. Avakian, on behalf of the … Continue Reading

NARUC Release of Cybersecurity Guidelines should have Utility Companies on High Alert

On January 30, 2017, the National Association of Regulatory Utility Commissioners (“NARUC”) released Version 3.0 of “Cybersecurity A Primer for State Utility Regulators.”  This cybersecurity overview is an important reminder to public utilities to be prepared for cyber threats. Then again, public utilities probably don’t need a reminder after a cybersecurity event that occurred at … Continue Reading

House Committee Warns Congress to Set Security Standards

Last week, members of the House Energy and Commerce Committee told Congress that they must set cyber security standards for all devices connected to the internet or else face the possibility of a major cyberattack that could cripple critical infrastructure throughout the United States. This hearing came on the heels of the widespread internet outage … Continue Reading

New York Department of Financial Services Proposes Comprehensive Cybersecurity Regulations for Financial Institutions

In September, the New York Department of Financial Services (“DFS”) proposed new rules (“Rules”) that would require covered financial institutions – banks, insurers, and other institutions regulated by the DFS – to establish and maintain cybersecurity programs to protect consumer data and financial systems from cyberattacks. The Rules may have a very broad impact, if … Continue Reading
LexBlog