Tag: cybersecurity

What Am I Looking At? Making Sense of Your Cyber Testing Reports

It’s no surprise that Compliance and IT do not speak the same language. Compliance staff often speak in terms of regulations and policies, whereas bits and bytes are the language of IT staff. This distinction is clear when it comes to cybersecurity risk management, as the compliance and IT audiences are looking for different takeaways … Continued

Lessons Learned: Wargaming Your Incident Response Plan

Data breaches and cyber incidents made headlines again recently with the announcement that 50 million Facebook accounts were compromised as well as the SEC’s issuance of sanctions against a dual registrant stemming from the firm’s response to phishing attacks. So it was both timely and fitting that U.S. intelligence community veteran Jeff Welgan, Executive Director … Continued

Data Breach Prevention and Response

According to the Investment Firm of the Future, a report published by CFA Institute earlier this year, 24% of the organization’s members rated cybersecurity as their firm’s top technology priority. With the myriad challenges facing investment professionals in 2018, that’s a striking number. What to do? E.J. Yerzak, Director of Cyber IT Services for Ascendant Compliance … Continued

California Privacy Law Brings ‘GDPR-Lite’ to the U.S.

In what has become an ongoing race among states to have the toughest privacy regulation in the U.S., California has jumped to the front. On June 28, 2018, California’s legislature unanimously passed a privacy bill that was later signed by Governor Jerry Brown, which simultaneously strengthens privacy protections for California residents while possibly mooting an … Continued

Advisers Beware: FBI “Operation WireWire” Shows Firms Increasingly Being Targeted Using SEC Filings

CSS has observed more and more investment advisers falling victim to Business Email Compromise, or “BEC” schemes over the past year. Unfortunately, they are in good company, as the trend is consistent with a worldwide increase in such attacks by increasingly skilled hacker networks around the world. On June 10, 2018, the FBI announced in … Continued

Cyber Threat – Why the Best Defenders are Often the Worst Responders

The firms with the best and most pro-active cyber defenses are often the worst responders if their defenses are actually breached. Why so? Because a breach is new to them and they are immediately thrown off-kilter by the attack, unless of course, they have rigorous and frequent table-top exercises to prepare for such situations. So … Continued

The SEC Data Breach And Impact On New Reporting Rules

The U.S. Securities and Exchange Commission disclosed recently that its Electronic Data Gathering, Analysis and Retrieval (EDGAR) system, a comprehensive database of filings by public companies and other industry participants, was hacked in 2016 and that the intruders may have traded on the information. The announcement comes on the heels of the mutual fund industry … Continued


Subscribe to CSS Blog

CSS frequently publishes blog posts which are written by our team from their observations in the field, at conferences and through experiences with compliance professionals. These posts are designed to further knowledge and share industry best practices. Topics run the gamut, including Form ADV, cybersecurity, MiFID II, position limit monitoring, technology challenges and more. Complete and submit the brief form below to receive notifications when we publish new content.

Loading form...

Mailing List

Loading form...