Call Us Today! (866) 435-8364

SEC

2024 January Newsletter

ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover an SEC Director’s op-ed on disclosure rules. A major international cybersecurity crackdown by law enforcement. The SEC op-ed on disclosure rules. REGULATORY CORNER SEC Director of Corporation Finance weighs in on Cybersecurity Disclosures Rules The Director of the SEC’s Division of Corporation Finance provided his

2023 December Newsletter

  ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover additional regulatory rules being approved for Clearing Agencies. Also, the numbers are in, and enforcement actions are up, including SEC settled charges against a broker-dealer and a software company for allegedly providing misleading information regarding cyber incidents. Lastly, the proposed cybersecurity rules for RIAs

2023 November Newsletter

  ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover a major cybersecurity revelation. The SEC has taken action against SolarWinds Corporation and its CISO, Timothy G. Brown, for alleged fraud and internal control lapses tied to cybersecurity risks. Want to download this in pdf? Enter the password from the email you received.

The SEC proposes new Cybersecurity rules

Earlier today the Securities and Exchange Commission voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies and business development companies (funds), as well as amendments to certain rules that govern investment adviser and fund disclosures. The SEC Chair Gary Genlser stated that the proposed rules and amendments

NYDFS’s first time charging a company for not adhering to their Cybersecurity Regulation Part 500 of Title 23

The New York Department of Financial Services ("NYDFS") has charged First American Insurance company with multiple section code violations pertaining to cyber security policies. This is NYDFS's first time charging a company for not adhering to their Cybersecurity Regulation Part 500 of Title 23. The charges held against First American are as follows: Deficient cybersecurity

2022-08-02T12:30:30-04:00January 7th, 2022|Cyber, Hackers, NYDFS, Rules, SEC|

The SEC issues fines for deficient cybersecurity programs!

Today the Securities and Exchange Commission (SEC) sanctioned eight firms in three actions for failures in their cybersecurity policies and procedures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm. A total of $800,000 were levied against these firms. In summary, the firms named in

SEC Charges First American Financial Corporation With Cybersecurity Disclosure Controls Failures

On June 15, 2021 “The Securities and Exchange Commission (“SEC”) announced settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.” On May 24, 2019, Brian Krebs notified First American Financial Corporation of a vulnerability with its

2021-06-15T12:53:23-04:00June 15th, 2021|Cyber, OCIE, Privacy, Regulatory, SEC, Vulnerability, Vulnerability Disclosure|

2021 SEC OCIE Cybersecurity Exam Priorities

Yesterday the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released its 2021 exam priorities. In the letter the SEC highlighted that their focus remains the same from prior years with a slight shift in priorities and adjustment of focus. The SEC stated that they will review whether firms have

CFTC issues an alert about potential Microsoft Azure and Office 365 compromise resulting from SolarWinds breach

On January 13, 2021, the Market Participant Division (MPD) of the CFTC sent an email to registrants informing them about an alert that was issued by the DHS Cybersecurity and Infrastructure Security Agency (CISA). In the alert CISA highlighted post compromise activity related to the SolarWinds Breach. More specifically, the alert highlighted that threat actors

2021-01-13T23:46:20-05:00January 13th, 2021|CFTC, Ransomware Attack, SEC|

Cayman Islands Investment firm exposes sensitive client information!

A Cayman Islands investment firm's backups stored in a Microsoft Azure Blob Storage was not secured properly thus resulting in a potential leak of personal banking information, individual passport data, and other sensitive information. A researcher discovered the gaping hole left open by the firm’s Hong Kong based IT provider via a special search engine

Go to Top