As part of its regulatory reform and modernization efforts, Securities Industry and Financial Markets Association (SIFMA) submitted a rule change petition to the SEC in November 2017 requesting refinements to the electronic recordkeeping requirements in Rule 17a-4. Colloquially known as the “write once, read many” or “WORM” requirement, the Rule has been in place since the late […]

On April 10, 2018, the Federal Financial Institutions Examination Council (FFIEC) issued a joint statement on the role of cyber insurance as a crucial component of a firm’s risk management program. While the FFIEC stressed that cyber insurance “is not required by the agencies,” the clear suggestion when reading between the lines is that firms should be […]

According to CSO online, more than a billion plain text passwords from third-party data breaches are freely available on the internet. Combined with the human tendency to reuse passwords for multiple services, and it goes without saying that it is likely your users’ corporate passwords have already been hacked.  In 2017, NIST quietly changed their password […]