Zoom – Firms Should Conduct a Risk-Based Assessment Before Implementation

As many firms have started heavily leveraging remote conferencing systems to maintain business continuity during this COVID-19 outbreak, Zoom has seen a sudden rise in popularity and an equally sudden rise in cybersecurity concerns. There are many reports detailing both the lack of available protections and the implementation of those protections by firms. Zoom has…

FINRA Notice – Heightened Terror Threat Risk

Last week FINRA posted a Notice to members outlining steps firms may consider taking to be prepared and respond to cyberattacks and other business disruptions. The Notice was prompted by a Bulletin issued by the Department of Homeland Security (DHS), which noted that Iran and its partners have demonstrated the intent and capability to conduct…

GDPR is in Effect – What Now?

If you had been listening to all the proclamations on May 25, 2018 when GDPR was to come into effect, you may have been surprised when it felt like any other Friday. GDPR came into effect quietly and no one was fined in all of 2018. Don’t take that to mean that European Data Protection…

GDPR: Impacts on American Firms without EU Clients

Confirmation that your firm does not hold any EU residents’ (“data subjects”) data is the first step in complying with the new General Data Protection Regulation (“GDPR”), effective May 25, 2018. There will still be some decisions and changes awaiting you. Firms without any EU residents’ data will be impacted in three main ways: deciding if the…

Cybersecurity Deadline Approaches – Preparing your firm for the first phase of New York’s Cybersecurity Rule 23 NYCRR 500

The first phase implementation date of New York’s “Cybersecurity Requirements for Financial Services Companies” rule is August 28th, 2017. The rule requires firms to develop and maintain a cybersecurity program designed to protect the confidentiality, integrity and availability of their information systems. The program must be based on a risk assessment, identify and assess internal…