Cybersecurity is a growing concern for individuals and businesses alike. More and more people are wanting to improve their online security whether that’s through monitoring potentially harmful activity they see or using a promo code for torguard to get a cheap VPN that will protect their data. A VPN works by routing a device’s internet […]
Let’s be real for a second, running a company of any size is a tedious and exhausting job. You are busy, your team is busy, and we get that. Unfortunately, being busy and focused on the task at hand is no excuse for letting your company slip through the cracks when it comes to cybersecurity […]
You know that business continuity (BC) plan that you keep meaning to write but put off for another day? It’s time to stop procrastinating because some changes to business continuity are on the horizon. The SEC is proposing a new rule that would require SEC registered investment advisers to adopt and implement written business continuity […]
On November 3rd, 2015, the Federal Financial Institutions Examination Council (FFIEC) issued a statement warning financial institutions of the increasing number of cyber-attacks used to extort money and other allowances from victims, a trend that is seen around the world. For example, news came out in September that several large financial organizations in the United Kingdom were being targeted by extortion cybercriminals in the DD4BC group for bitcoins. According to the report, 58% of the extortion ring’s targets were financial organizations (banks and credit unions, currency exchangers, and payment processors), and their monthly attacks increased 400% between September, 2014, and June, 2015. Likewise, representatives from Interpol expressed concern over the growing number of sophisticated cyber-attacks against banks in Russia, Eastern Europe, and other former Soviet states. One very active form of sophisticated attack referenced was cyber extortion.
Since January 2014, the Office of Compliance Inspections and Examinations (OCIE) within the SEC has made it a priority to examine the governance and supervision of information technology systems, operational capability, market access, information security, and preparedness to respond to sudden malfunctions and system outages of firms within the securities industry. Ever since, the OCIE […]
The SEC’s Office of Compliance Inspections and Examinations (OCIE) recently issued an update of their Cybersecurity Examination Initiative–the third one related to this initiative–alerting businesses in the securities industry to the newest areas within cybersecurity practices they will be examining. Each of these six focus areas will assess the extent to which firm procedures and controls have been implemented in order to promote better compliance practices and ultimately improve cybersecurity preparedness:
In an increasingly interconnected business world, on-time delivery of products and services is crucial. As technology and innovation continue improving the way businesses operate, we all must rely on a web of third party vendors and partners to make it happen. Revenue, growth, and brand reputation are at risk if a company’s third party vendors are ever disrupted, breached, and unable to deliver their services. For example, credit unions rely on their payment processing partners to always be running at 100%, law firms must have uninterrupted access to client casework information, and retailers need their key suppliers to produce and deliver goods no matter what.
The FFIEC recently added the “Strengthening hackerimagethe Resilience of Outsourced Technology Services” appendix to its Business Continuity Planning IT Booklet, which details for the first time ways financial institutions (FIs) can increase their cyber-resilience as it relates to technology service providers (TSPs).
JPMorgan Chase and up to four other banks were victims of malicious software cyber-attacks, better known as malware. Malware are programs or applications that disrupt or damage the normal operation of a computer or electronic file system. The intent is to access confidential data or other valuable information for the cyber criminals that created it.
Yet another information breach has amassed millions of private usernames and passwords from around the world, further demonstrating the need for increased proactive cybersecurity measures. As asset managers, it is imperative that the highest level of protection is implemented to protect the financial interests of your clients.