Enforcement Action May Be Omen of SEC’s Cyber-Security Plans
An investment adviser firm in St. Louis has become the (painful) test subject for the SEC’s attitude on cyber-security matters. The case, observers say, is a warning that the agency is moving away from guidance and toward enforcement. So what will the SEC consider to be “reasonable” security efforts? Will ...
Related articles
-
PremiumEU moves to simplify GDPR and AI Act obligations, raising compliance questions for companies
For the past decade, Europe has led in creating strong but flexible rules for data use and safe AI development. The EU’s new plans to simplify key data privacy and AI governance measures have received a mixed response.
-
OpinionHow to make the business case to upgrade records management systems
Companies are giving their records management programs a makeover, and not for the reasons you may think. What used to be a sleepy back-office legal department function is now front and center, often driven by compliance teams. Organizations are discovering that a “save everything, forever” de facto policy doesn’t ...
-
PremiumU.K. data regulator pushes transparency on investigations
Plans to increase transparency around how the U.K.’s Information Commissioner investigates and fines companies should give businesses more clarity, but experts say the regulator still needs to explain how it will prioritize cases.