Earlier this year, the agency published a list of 2021 examination priorities that prominently featured issues pertaining to cybersecurity, and now it has sanctioned eight firms for related cybersecurity failures.
The protection provides coverage for the costs of legal services, computer forensic services, public relations and crisis management expenses, and more.
The standards it’s developing provide ‘more explicit guidance’ to decrease cyber fraud.
The guidance, which is the first of its kind, includes best practices and tips for protecting retirement benefits.
The Government Accountability Office calls for more guidance on cybersecurity matters and lists recommendations for the DOL to implement.
‘Credential stuffing’ is a method of cyberattack to client accounts that uses compromised client login credentials, resulting in the possible loss of customer assets and unauthorized disclosure of sensitive personal information.
The unexpected economic downturn caused by COVID-19, along with the rapid shift to remote work, made those businesses with few resources even more vulnerable.
While the GDPR does not directly address U.S. benefit plans, it should be of particular interest to defined contribution plan sponsors and their service providers because they hold personal information for each plan participant.
One element of the cybersecurity discussion that is often overlooked is that the biggest threat to many advisory firms is not actually to client accounts but instead to the advisory brand.
A survey finds cybersecurity is registered investment advisers' (RIAs) highest concern.
SEC inspection staffers have identified growing security risks associated with advisers’ storage of electronic customer recorders in cloud-based platforms—and they will be watching for non-compliance in this area.
The American Institute of Certified Public Accountants issued a plan advisory that reminds plan sponsors of ERISA record retention rules and also offers best practices for protecting personal information.