Lessons From SEC’s First Cybersecurity Enforcement Action
This week, the SEC fined investment advisory firm R.T. Jones Capital Equities Management for failing to establish required cyber-security policies and procedures, which later led to a breach that compromised the personal data of roughly 100,000 customers. It is the first enforcement action the SEC has brought against a regulated ...
Related articles
-
Article
Frustrating Risk With the Right Internal Control Framework
Image: As cyber-security and IT controls rise up the priority list in corporate audits, a new wrinkle is emerging: numerous frameworks (COSO, NIST, CoBIT) used by numerous parties, all trying to build effective control systems. That could lead to painful detours in mapping controls, if compliance executives don’t plan carefully. ...
-
ArticleCalifornia privacy regulator unveils new cyber, risk, and automation rules
Businesses operating in California will need to meet new, first-in-the-nation privacy requirements for cybersecurity, risk assessments, and automated decision-making technology, under a large expansion of rules by the state.
-
News BriefFTC complaint accuses LA Fitness parent companies of blocking easy membership exits
The Federal Trade Commission filed a complaint against LA Fitness’ parent companies, citing difficulties canceling memberships, a month after a court blocked the agency’s click-to-cancel rule.