Tag: data breach

The Door is Wide Open: Unpatched Security Flaw Leads to Leak of Login Credentials for 900+ Enterprise VPNs

A popular brand of VPN software recently had usernames, passwords, and IP addresses published on a dark web hacker forum frequented by ransomware gangs. I first wrote about this issue in July 2019. At the time, various VPN appliances from three well known and highly used vendors were vulnerable to a critical vulnerability which could … Continued

Lessons Learned: Wargaming Your Incident Response Plan

Data breaches and cyber incidents made headlines again recently with the announcement that 50 million Facebook accounts were compromised as well as the SEC’s issuance of sanctions against a dual registrant stemming from the firm’s response to phishing attacks. So it was both timely and fitting that U.S. intelligence community veteran Jeff Welgan, Executive Director … Continued

Data Breach Prevention and Response

According to the Investment Firm of the Future, a report published by CFA Institute earlier this year, 24% of the organization’s members rated cybersecurity as their firm’s top technology priority. With the myriad challenges facing investment professionals in 2018, that’s a striking number. What to do? E.J. Yerzak, Director of Cyber IT Services for Ascendant Compliance … Continued

The SEC Data Breach And Impact On New Reporting Rules

The U.S. Securities and Exchange Commission disclosed recently that its Electronic Data Gathering, Analysis and Retrieval (EDGAR) system, a comprehensive database of filings by public companies and other industry participants, was hacked in 2016 and that the intruders may have traded on the information. The announcement comes on the heels of the mutual fund industry … Continued


Subscribe to CSS Blog

CSS frequently publishes blog posts which are written by our team from their observations in the field, at conferences and through experiences with compliance professionals. These posts are designed to further knowledge and share industry best practices. Topics run the gamut, including Form ADV, cybersecurity, MiFID II, position limit monitoring, technology challenges and more. Complete and submit the brief form below to receive notifications when we publish new content.


Mailing List