Policies and programs
-
The SEC Has Announced Charges Against Deficient Cybersecurity Procedures
On this day, August 30, the Securities and Exchange Commission (SEC) has sanctioned multiple firms in three actions for failures in both cybersecurity policies and procedures. These failures resulted in large data breaches, causing thousands of email account takeovers for clients and customers. These sanctioned firms have agreed to settle the charges. In one instance,…
-
Service Spotlight: Regulatory Readiness
Financial regulators often hold high standards to the cybersecurity practices of hedge funds and registered investment advisors. In order for firms to meet regulatory requirements, effective and well-maintained cybersecurity programs are necessary. Often, the goal is not only to shore up cybersecurity within your firm, but to bring your firm into the fold of countless…
-
U.S. Treasury, Commerce Departments hacked through SolarWinds compromise
Hackers broke into the networks of the Treasury and Commerce departments as part of a global cyberespionage campaign revealed Sunday. In response to what may be a large-scale penetration of U.S. government agencies, the Department of Homeland Security’s cybersecurity arm issued an emergency directive calling on all federal civilian agencies to scour their networks for…
-
Remote Working: Securing Devices and Protecting Valuable Data
More than 7 months ago, the World Health Organization declared COVID-19 a pandemic. Since then, many of us have made changes to our lifestyle, the way we live and work. As we all try to curb the spread of the COVID-19 virus, remote working has become normalised, and a necessity for many businesses. However, with…
-
“All in this together”: How hedge funds are tackling cybersecurity challenges in the COVID-19 lockdown
Originally Published in HedgeWeek. With the closure of non-essential workplaces during the COVID-19 pandemic shaking up the way financial services companies do business, the remote working environment is raising an assortment of operational challenges for hedge fund firms, spanning communication technology, data and information security, and infrastructure vulnerability. When the UK lockdown was announced last month…
-
Please Surf Responsibly: Drawbridge’s Best Practices for Building a Safer Internet
Safer Internet Day – February 11, 2020 The key to teaching your children and teens about Internet Safety is: Start NOW Safer Internet Day, a worldwide event observed on February 11th, aims to promote the safe and positive use of digital technology for all users – especially children and teens. Drawbridge’s mission is to keep…
-
How Private Equity Firms Can Mitigate Portfolio Company Cybersecurity Risk
Driven by investors’ demands and regulatory expectations, private equity firms have made significant progress in protecting their data. However, many of their portfolio companies don’t have those same incentives and have not put the same level of cybersecurity protections in place. In a guest article, Jason Elmer, the managing partner at Drawbridge, explains how firms…
-
CYBERSECURITY NEWS ALERT: December 2018
On December 20th, the Financial Industry Regulatory Authority (FINRA) released a report detailing the effective cybersecurity practices and common risks observed during recent examinations. The report focused on the following key areas: Branch Controls Phishing Attacks Insider Threats Penetration Testing Mobile Device Security Branch Controls: Maintaining rigorous cybersecurity controls is a firm’s best defense against attacks…
