ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover additional regulatory rules being approved for Clearing Agencies. Also, the numbers are in, and enforcement actions are up, including SEC settled charges against a broker-dealer and a software company for allegedly providing misleading information regarding cyber incidents. Lastly, the proposed cybersecurity rules for RIAs
ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover a major cybersecurity revelation. The SEC has taken action against SolarWinds Corporation and its CISO, Timothy G. Brown, for alleged fraud and internal control lapses tied to cybersecurity risks. Want to download this in pdf? Enter the password from the email you received.
On July 29, 2022, the New York Department of Financial Services (NYDFS) provided several potential enhancements to the existing Part 500 Cybersecurity Rules. The Draft Amendments can be divided into six categories: Assessments, Technical Requirements, Governance, Obligations for Larger Companies, Notifications, and Penalties. Assessments The Draft Amendments expand the current definition of Risk Assessment to
The New York Department of Financial Services ("NYDFS") has charged First American Insurance company with multiple section code violations pertaining to cyber security policies. This is NYDFS's first time charging a company for not adhering to their Cybersecurity Regulation Part 500 of Title 23. The charges held against First American are as follows: Deficient cybersecurity
In October 2021, the Federal Trade Commission (FTC) stated that it would expand its Safeguards Rule in order to better protect consumer financial information from cyber attacks and security breaches. The revised Rule requirements will take effect on December 9, 2022. This is a significant development for private funds that were previously exempt from the
