Service Spotlight: Cybersecurity Program Management from Drawbridge

Cybersecurity Program Management

Cyber attacks and other digital risks continuously threaten every aspect of the security of your business, including business continuity, operational resilience, revenue, brand and reputation, and customer relationships. In order to protect the interests of your clients, partners, investors and vendors, your firm must have a comprehensive cyber program in place, no matter what type…

Read More

SEC Division of Examinations Announces 2021 Examination Priorities

This month, the Securities and Exchange Commission’s Division of Examinations announced its 2021 examination priorities. The examination priorities are published each year, offering insights into those areas that the Division believes could present risks to investors and the U.S. capital markets. The Division will focus on climate-related risks, as well as conflicts of interest for…

Read More

SEC’s OCIE RISK ALERT

On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) released a new risk alert identifying security risks associated with the storage of electronic customer records and information in various network storage solutions, including cloud-based storage. Some of the concerns brought to light from recent examinations were misconfigured…

Read More

Hedge Funds Besieged by on Daily Basis

By David Beach — May 1, 2019 Hackers are exploiting inherent weaknesses in mature hedge funds on a daily basis, say a security vendor and the chief technology officer of an established fund, leading to huge boosts in cybersecurity spending. “Hedge funds are being targeted simply because of cash movements where frequent large transfers are normal…

Read More

CYBERSECURITY RISK ALERT: SEC Regulation S-P Risk Alert

Today, April 16, 2019, the SEC’s Office of Compliance Inspections and Examinations (OCIE) published a risk alert regarding compliance issues related to Regulation S-P. The focal points identified by the OCIE were the failure to provide customers with privacy and opt-out notices, as well as the failure to adopt written policies and procedures that address…

Read More