Tag Archives: Information Security

SEC Exams of Asset Managers to Include Focus on Cybersecurity

Routine SEC examinations of investment advisers and investment companies this year will include scrutiny of these entities’ cybersecurity policies, an SEC official told attendees Thursday at a national agency-hosted compliance seminar. The SEC’s Regulation S-P, which implements the federal Gramm-Leach-Bliley Act, requires brokers, dealers, investment companies, and registered investment advisers to “adopt policies and procedures … Continue Reading

Surveys Reveal Surprisingly Common Data Security Shortcomings

Despite studies indicating that data security is a top concern for executives and corporate boards — a development we previously blogged about here — barely half of employees are familiar with their company’s information security policies, according to a survey by Forrester Research.  The report explains, “only 56 percent of information workers in North America … Continue Reading

FTC Settles P2P-Related Data Breach Charges Alleging Failure to Provide Appropriate Security

By Brian Ryoo The Federal Trade Commission (“FTC”) reached separate settlements with two companies it had accused of exposing sensitive personal information through peer-to-peer (“P2P”) file-sharing software installed on their corporate networks.  The complaints filed against the companies alleged that the companies failed to have in place adequate information security policies and procedures, risk assessment … Continue Reading

Republican Senators Introduce SECURE IT Act

Yesterday Senator John McCain (R-AZ) introduced the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act of 2012 (SECURE IT Act). The bill's cosponsors include Senators Kay Bailey Hutchison (R-TX), Chuck Grassley (R-IA), Saxby Chambliss (R-GA), Lisa Murkowski (R-AK), Dan Coats (R-IN), Ron Johnson (R-WI), and Richard Burr (R-NC).… Continue Reading

SEC’s Division of Corporation Finance Issues Guidance on Disclosing Cybersecurity Risks

Yesterday, the SEC’s Division of Corporation Finance issued a guidance document regarding public companies’ disclosure obligations relating to cybersecurity risks and breaches.  The guidance responds to a request by Sen. Jay Rockefeller that the SEC clarify its position on this increasingly important issue. The Division noted that as companies have turned to digital technologies to … Continue Reading

Feinstein Introduces Breach Notice Bill; Senate Committee May Consider Breach Notice Proposals Shortly

For the fifth consecutive session of Congress, Sen. Dianne Feinstein (D-CA) has introduced legislation that would establish a federal data breach notification standard.  Sen. Feinstein’s legislation — the Data Breach Notification Act of 2011 (S. 1408) — is one of a number of breach notice proposals circulating on Capitol Hill that would preempt state breach … Continue Reading
LexBlog