he North American Securities Administrators Association (NASAA) is the oldest international organization devoted to investor protection. NASAA members include 67 state, provincial, and territorial securities administrators in the 50 states, the District of Columbia, Puerto Rico, the U.S. Virgin Islands, Canada, and Mexico.

Approved Model Rule For Cybesecurity and Technology

Only four months in and 2021 has already been a big year for state cybersecurity safe harbor legislation. Two states, Utah and Connecticut (and Ohio in 2020), have recently enacted or introduced a breach litigation safe harbor to incentivize businesses to protect personal information by adopting industry-recognized cybersecurity frameworks such as the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework and the Center for Internet Security’s (CIS) Critical Security Controls.

Also requires that a covered entity’s written cybersecurity program “reasonably conform to an industry-recognized cybersecurity framework.” It lists “the framework for improving critical infrastructure developed by [the National Institute of Standards and Technology]” (NIST) and the “Center for Internet Security Critical Controls for Effective Cyber Defense” (CIS), among others, as industry-recognized.

For the second time, DFS has fined a regulated entity for failure to comply with the Cybersecurity Regulation.

Connecticut might soon follow Ohio and Utah by enacting a law that offers liability protection against ransomware and other cyberattacks, but only if victims follow security best practices.

On 1 February 2021, FINRA issued its 2021 Report on FINRA's Examination and Risk Monitoring Program ("FINRA Report") and a bit more than a month later, the SEC’s recently renamed Division of Examinations issued its own 2021 Examination Priorities ("Exam Priorities"). Each of these documents is quite long, with the FINRA report at 44 pages and the Exam Priorities document at 36 pages, and although there are some differences in focus and scope, we did find some common themes, which we have chosen to highlight in what we hope will be a helpful summary.

Closing The Gap Between Paper and Electronic Devices!

Advisor Armor is proud to release Applet Version 1.8 which provides customizable cybersecurity policy enforcement across unlimited endpoints including desktops, laptops, tablets, and mobile devices under a single user license. This novel software scans, notifies and reports policy conformance in real-time.

This month marks one year since unprecedented lockdown restrictions were first introduced throughout the world, as governments scrambled to try and slow the spread of COVID-19. As part of these measures, non-essential businesses were forced to close their physical premises and move to digital/remote working models in order to continue functioning. This precipitated a virtually overnight shift to remote working for a huge number of people and organizations.

The Securities and Exchange Commission’s Division of Examinations today announced its 2021 examination priorities. The Division publishes its examination priorities annually to provide insights into its risk-based approach, including the areas it believes present potential risks to investors and the integrity of the U.S. capital markets.

Once again cybersecurity is part of the top 6 initiatives though the definition is expanded by definition as Information Security and Operational Resiliency.

Advisor Armor software and service continue to provide interpretive guidance and evidence conformance to these expanded expectations. SEC comment highlights include:

For the next several weeks and months, the intense focus will be trained on determining the priorities of the Biden administration. We believe that at the Securities and Exchange Commission (“SEC”), the new administration will ramp up examinations and investigations of investment advisers, and specifically advisers to private funds.