This post originally appeared in our sister publication, Password Protected. A “white hat” is an ethical computer hacker who specializes in penetration testing and other testing methodologies to ensure the security of an organization’s information systems. According to the Ethical Hacking Council, “The goal of the ethical hacker is to help the organization take pre-emptive measures against malicious… Continue Reading
The U.S. Department of Justice has announced the seizure of AlphaBay, the largest criminal marketplace on the Internet, which was used to sell stolen financial information, identification documents and other personal data, computer hacking tools, drugs, firearms, and a vast number of other illegal good and services throughout the world. AlphaBay was the largest dark… Continue Reading
On Friday, May 12, the WannaCry ransomware attack struck hundreds of thousands of users across the globe, causing major disruptions in private and public networks. The attack, which encrypts a user’s files and holds them for ransom, may infect a computer without any action taken by the user. With similar attacks expected, and as we… Continue Reading
On Tuesday, October 4, 2016, the Department of Defense (DoD) issued a long-awaited final rule implementing statutory requirements (10 U.S.C. §§ 391, 393) as part of 32 C.F.R part 236 regarding the reporting, by defense contractors, of certain cyber incidents relating to the contractor’s electronic systems. These reporting requirements are above and beyond what contractors… Continue Reading
On Sept. 15, 2015, the Securities Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) published its second cybersecurity risk alert (the “2015 Risk Alert”). The 2015 Risk Alert is a follow up to the OCIE’s April 2014 cybersecurity initiative risk alert (the “2014 Risk Alert”) announcing a series of examinations to identify cybersecurity… Continue Reading
The Federal Financial Institutions Examination Council (FFIEC) recently issued an assessment tool meant to assist financial institutions in the detection of cybersecurity vulnerabilities and the prevention of cyber attacks. The FFIEC is an interagency body that develops the principles and standards used by agencies and organizations empowered to examine financial institutions, such as the Consumer… Continue Reading
The U.S. Securities and Exchange Commission’s (“SEC”) Division of Investment Management (“Division”) recently released a Guidance Update (“Guidance”) highlighting the importance of cybersecurity for registered investment companies (“funds”) and registered investment advisers (“advisers”). In the Guidance, the Division identified a number of measures for funds and advisers to consider in addressing cybersecurity risk and rapid… Continue Reading
We use cookies to enhance your experience of our website. By continuing to use this website, you agree to the use of these cookies. For more information and to learn how you can change your cookie settings, please see our policy.