‘Credential stuffing’ is a method of cyberattack to client accounts that uses compromised client login credentials, resulting in the possible loss of customer assets and unauthorized disclosure of...
While the GDPR does not directly address U.S. benefit plans, it should be of particular interest to defined contribution plan sponsors and their service providers because they hold...
One element of the cybersecurity discussion that is often overlooked is that the biggest threat to many advisory firms is not actually to client accounts but instead to...
Experts in financial services cybersecurity are confident in most organizations’ technical strategies—in their use of sophisticated firewalls, encryption and network...
SEC inspection staffers have identified growing security risks associated with advisers’ storage of electronic customer recorders in cloud-based platforms—and they will be watching for non-compliance in this area.
The American Institute of Certified Public Accountants issued a plan advisory that reminds plan sponsors of ERISA record retention rules and also offers best practices for protecting personal...