Cybersecurity Enforcement Update: NYDFS Adopts Final Amendments to its Cybersecurity Regulations and SEC Sues SolarWinds Executive

Share

Recent activity by the New York Department of Financial Services (NYDFS) and the Securities and Exchange Commission (SEC) highlight the continued focus by government regulators on cybersecurity. As these and other regulators take an increasingly assertive enforcement posture, companies should be proactive about structuring their cybersecurity compliance programs to avoid fines, safeguard sensitive data, and protect their reputation.

NYDFS Finalizes Amendments to Cybersecurity Rules

In July, we wrote about ten notable updates proposed by NYDFS to its cybersecurity regulations. On November 1, the NYDFS announced that it had finalized amendments to 23 NYCRR 500.

Continue reading “Cybersecurity Enforcement Update: NYDFS Adopts Final Amendments to its Cybersecurity Regulations and SEC Sues SolarWinds Executive”

SEC Adopts New Cybersecurity Rule

Share

On July 26, the Securities and Exchange Commission (“SEC”) finalized a much anticipated rule addressing cybersecurity risk management, strategy, governance, and incident disclosure. Public companies registered with the SEC will soon be required to report material cybersecurity incidents within four business days of determining the incident to be material and to make periodic disclosures regarding cybersecurity risk management, strategy, and governance.

Continue reading “SEC Adopts New Cybersecurity Rule”

U.S. Securities and Exchange Commission Issues Risk Alert Regarding Safeguarding Customer Records and Information Stored on Cloud-Based Platforms

Share

On May 23, 2019, the United States Securities and Exchange Commission (“SEC”)’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert entitled “Safeguarding Customer Records and Information in Network Storage – Use of Third Party Security Features” (the “Risk Alert”). The Risk Alert highlights the risks associated with the storage of customer records and information by broker-dealers and investment advisors on cloud-based storage platforms.

Continue reading “U.S. Securities and Exchange Commission Issues Risk Alert Regarding Safeguarding Customer Records and Information Stored on Cloud-Based Platforms”

Charges Connected to Hack of SEC’s EDGAR System Discussed in SECurities and Law Perspectives

Share

Last week, the Department of Justice (“DOJ”) and the Securities & Exchange Commission (“SEC”) announced charges connected to a large-scale, international conspiracy to hack into the SEC’s Electronic Data Gathering, Analysis and Retrieval (“EDGAR”) system and profit by trading on stolen material, non-public information. The conduct underlying these cases was one of the principal reasons that the SEC created its Division of Enforcement “Cyber Unit” to target cyber-related securities fraud violations.

Continue reading “Charges Connected to Hack of SEC’s EDGAR System Discussed in SECurities and Law Perspectives”

SEC Cyber Unit Brings Groundbreaking Data Breach Case

Share

The Securities and Exchange Commission (SEC) announced its most significant case ever filed against a respondent for one of the world’s largest data breaches. Albata, Inc., f/d/b/a Yahoo! Inc., (“Yahoo”) settled with the SEC to charges of violating Section 17(a)(2) and 17 (a)(3) of the Securities Act of 1933 (“Securities Act”), amongst other charges, and agreed to various remedies, including a $35 million penalty.

Continue reading “SEC Cyber Unit Brings Groundbreaking Data Breach Case”

SEC Freezes $27 Million Related to a Blockchain/Cryptocurrency Acquisition

Share

The Securities and Exchange Commission (SEC) obtained a court order freezing more than $27 million in proceeds from alleged illegal distributions and sales of restricted shares of a public company , and charged the company, its CEO, and three other affiliated individuals on April 6, 2018. That same day, the Nasdaq Stock Market  halted trading in the company’s stock.

The SEC’s complaint alleges that shortly after the company began trading on the Nasdaq Stock Market and announced the acquisition of a purported blockchain-empowered cryptocurrency business,  its stock price rose dramatically until its market capitalization exceeded $3 billion. The SEC further alleges that the CEO and the three other individual defendants then illegally sold large blocks of their restricted shares to the public while the stock price was excessively elevated and that they collectively reaped more than $27 million in profits.

Continue reading “SEC Freezes $27 Million Related to a Blockchain/Cryptocurrency Acquisition”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy