John Reed Stark
- Blog
Some key cyber-security tips for financial firms
As the SEC and FINRA are taking cyber-security much more seriously, John Reed Stark outlines a few ways in which financial firms can also do more to protect their data.
- Blog
There simply are not enough cyber-security specialists
Companies need to get much more aggressive when it comes to recruiting the right talent to head their cyber-security efforts, writes John Reed Stark.
- Blog
Cyber-security due diligence: a new imperative
Weak cyber-security is as much a hallmark of corporate mismanagement as poor corporate governance, bad tone from the top, and check-the-box compliance. But by taking the due diligence aspects of cyber-security seriously, compliance officers can turn data protection into an opportunity. John Reed Stark has more.
- Blog
Avoiding Vanguard’s cyber-security stumble
Image: A recent incident at Vanguard in which the company unintentionally sent 71 e-mails pertaining to different customer transactions to a random Vanguard customer triggered a flawed response from the company that demonstrates how SEC-registered entities can underestimate just how difficult it is to manage customer data-related predicaments. CW’s John ...
- Blog
The SEC’s Newly Proclaimed Search Warrant Authority
The Securities and Exchange Commission has broad subpoena powers that this dedicated corps of highly credentialed professionals—inspired by a noble sense of mission, and rich with a long history of investor advocacy—tries to use in the best way possible. But when it comes to issuing subpoenas for electronic storage devices, ...
- Blog
What Makes a Good ‘Pen Tester’
Penetration testing is the exercise of testing a company’s cyber-security defenses, and finding the right “pen tester” to do that can be difficult. Learn how to find the right blend of capable, trustworthy, and innovative cyber-security professionals. More inside.
- Blog
Transforming the Cyber-Security Paradigm
Though data breaches are inevitable, companies still remain too focused on fortification rather than response, failing to adopt to the harsh realities of rapidly emerging international and multifarious cyber-security threats. Inside, columnist John Reed Stark recommends a three-step cyber-security transformation for companies to undertake to combat recent rapidly evolving cyber-dangers.
- Article
SEC Pushes New Limits on Cyber-Security, Securities Fraud
Another byproduct of life in the cyber-security age: The SEC is redefining insider trading to focus more on improper trading, even if you are a thief mining a company for inside information without actually working there. The misconduct—called, yes, “outsider trading”—seems to be an SEC-enforceable offense so far, and it ...
- Article
The Workflows You Need to Use After a Data Breach
Compliance officers have enough scrambling to do after a data breach. Not understanding the steps to take, or not being in proper position to take them, only makes matters worse. Inside, guest columnist John Reed Stark walks through all the steps your company needs to take—including those to take before ...
- Article
Preparing Your Board for Cyber-Security Oversight
Every board knows its company will fall victim to a cyber-attack and, worse, that the board will need to clean up the mess and superintend the fallout. This week, guest columnist John Stark, a long-time student of cyber-security risks, breaks down the fundamentals any board must establish for cyber-security, and ...