![cybersecurity[1]](https://www.gtlaw-financialservicesobserver.com/files/2022/02/cybersecurity1.jpg)
On Oct. 22, 2024, the SEC announced settled administrative actions against four current or formerly public technology companies, finding that the companies all made materially misleading disclosures to investors in
Continue Reading SEC Files Actions Against 4 Public Companies for Negligent Cybersecurity Disclosures
On May 21, 2024, U.S. Securities and Exchange Commission Director of the Division of Corporation Finance Erik Gerding issued a statement clarifying when the SEC expects companies to disclose a
Continue Reading SEC Clarifies Confusion Concerning Cybersecurity Incident Reporting
In a Halloween-eve move sure to send shivers down the spines of every public company’s CISO, on Oct. 30, the SEC filed a securities fraud complaint targeting SolarWinds’ CISO in
Continue Reading Chief Information Security Officers in SEC Crosshairs: The SolarWinds Case
On July 26, 2023, the Securities and Exchange Commission (SEC) adopted the long-awaited final rule requiring that public companies disclose information about cybersecurity incidents within four business days of determining
Continue Reading SEC Finalizes Cyber Rules for Public Companies: What You Need to Know
On Nov. 9, 2022, the New York Department of Financial Services (NYDFS) issued a proposed second amendment to its 2017 cybersecurity regulation for financial service companies.[1] In July 2022
Continue Reading NYDFS Proposes Significant Changes to Its Cybersecurity Regulation
On Nov. 15, 2022, the Federal Trade Commission (FTC) announced that it is delaying the effective date of its recent amendments to the Safeguards Rule, promulgated under the Gramm-Leach-Bliley Act
Continue Reading FTC Delays Compliance Date of the Safeguards Rule
On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer
Continue Reading CFPB Warns Insufficient Data Security Measures May Violate Consumer Financial Protection Act
On Feb. 9, 2022, the SEC released its long-awaited proposed cybersecurity rule, and there’s a lot to unpack. As GT reported previously, the SEC increased enforcement of cybersecurity
Continue Reading SEC Issues Proposed Cyber Rule, Including 48-Hour Breach Reporting Requirement
On Feb. 1, 2021, the Financial Regulatory Authority (FINRA) released its 2021 Report on FINRA’s Examination and Risk Monitoring Program (Report), in which it identifies its areas of examination focus
Continue Reading 2021 Report on FINRA’s Examination and Risk Monitoring Program
On Sept. 25, 2020, the SEC issued a No-Action Letter to FINRA, in response to a previously issued Joint Statement by the SEC and FINRA. This No-Action Letter detailed how
Continue Reading SEC Issues No-Action Letter Facilitating the Secondary Trading of Digital Assets