Long-struggling ‘Google Plus’ Social Network to be Shutdown after Security Breach Affects 500,000

On Monday, October 8, 2018 Google disclosed a security breach it discovered months ago that put at risk the personal data of hundreds of thousands of Google Plus users. In March, Google discovered, and fixed, the bug that allowed outside software developers to gain access to personal information on Google Plus users, including names, email addresses, ages, occupations and relationship status. The company’s decision to not immediately report the software bug has some concerned that Google cannot be relied on to protect privacy. Google…
Continue reading...

SEC’s First Cybersecurity Enforcement Has Many Lessons

The Securities and Exchange Commission recently announced its first ever cyber-related enforcement action in a case that all companies should look at as a refresher on cybersecurity hygiene. In the Matter of Voya Financial Advisors, Inc. was brought against the publicly traded company that manages over $500 billion after a security breach through several of its brokers acting as independent contractors for the company. These brokers typically accessed Voya clients’ PII through a password protected web portal while using their own IT equipment and networks.…
Continue reading...

The SEC is Focused on Public Company Disclosure of Cybersecurity Risks

While new data privacy rules in the European Union have dominated the news lately, the U.S Securities and Exchange Commission (SEC) has not so quietly been making waves of its own in the regulation of cybersecurity. In February ,the SEC issued fresh guidance to public companies on the disclosure of cybersecurity issues, both in identifying risks prospectively and in disclosing breaches quickly. It then followed up that guidance in April with its first ever fine of a public company for failing to promptly disclose a…
Continue reading...

SEC, FINRA and the U.S. Senate Prepare for Cyberattacks in 2015

Two major government agencies have issued reports addressing security of brokerage and advisory firms, and two U.S. Senators have declared their intention to expand cyber-security laws into automobiles.  In February, the SEC released two major publications (here and here) regarding risks for brokerage and advisory firms, as well as adjusters.  The Financial Industry Regulation Authority (FINRA), a private corporation managed by financial industry insiders and billed as the self-appointed “regulator” for NYSE and NASDAQ, has issued a report to assist broker-dealer firms with…
Continue reading...