Zoom – Firms Should Conduct a Risk-Based Assessment Before Implementation

As many firms have started heavily leveraging remote conferencing systems to maintain business continuity during this COVID-19 outbreak, Zoom has seen a sudden rise in popularity and an equally sudden rise in cybersecurity concerns.  There are many reports detailing both the lack of available protections and the implementation of those protections by firms.  Zoom has… READ MORE

FINRA Notice – Heightened Terror Threat Risk

Last week FINRA posted a Notice to members outlining steps firms may consider taking to be prepared and respond to cyberattacks and other business disruptions.  The Notice was prompted by a Bulletin issued by the Department of Homeland Security (DHS), which noted that Iran and its partners have demonstrated the intent and capability to conduct… READ MORE

New Podcast: The NIST Privacy Framework

NIST (National Institute of Standards and Technologies) published in January 2020 its Privacy Framework, “a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.”  In this week’s Oyster Stew podcast, Oyster Consultant Tim Buckler explains what the Privacy… READ MORE

FINRA Notice 19-04 – 529 Share Class Self-Report Initiative

On January 28th, 2019 the Financial Industry Regulatory Authority (FINRA) released Regulatory Notice 19-04, calling attention to FINRA concerns that firms may have failed to reasonably supervise share class selection in 529 plans.  Specifically,  customers may have  purchased an “inappropriate” share class. FINRA encourages firms to review their controls and determine if any clients were… READ MORE

GDPR is in Effect – What Now?

If you had been listening to all the proclamations on May 25, 2018 when GDPR was to come into effect, you may have been surprised when it felt like any other Friday.  GDPR came into effect quietly and no one was fined in all of 2018. Don’t take that to mean that European Data Protection… READ MORE

Webinar Recording Available: GDPR – Are You Protecting Your Clients’ Data?

On April 10, 2018 Oyster Consulting hosted a webinar discussing the General Data Protection Regulation (“GDPR”), designed to protect the rights and data of European Union citizens, that takes effect May 25, 2018.  This regulation is applicable, regardless of who holds the data or where that data is being held. Topics discussed included: The GDPR and… READ MORE