After more than a year of working from home, research shows not much has changed when it comes to addressing the remote work cybersecurity challenge. According to the COVID-19 Cybersecurity in the Remote Workforce study, which surveyed more than 5,800 consumers in February 2021, data shows that employees working from home are still placing corporate data at risk, and companies are not taking many new steps to change that.

Even while there has been a 350% increase in ransomware attacks in the last year, security gaps for remote workers continue to be considerable, and support from IT for remote workers hasn’t improved. Consider these key findings:

On April 14, 2021, the New York Department of Financial Services (DFS) announced it settled an enforcement action against National Securities Corporation (“National Securities”) related to claims under the Cybersecurity Regulation, 23 NYCRR Part 500. The Consent Order imposes a $3 million penalty, various remediation measures and represents a flurry of cybersecurity activity by the regulator in the first quarter of 2021.

he North American Securities Administrators Association (NASAA) is the oldest international organization devoted to investor protection. NASAA members include 67 state, provincial, and territorial securities administrators in the 50 states, the District of Columbia, Puerto Rico, the U.S. Virgin Islands, Canada, and Mexico.

Approved Model Rule For Cybesecurity and Technology

Only four months in and 2021 has already been a big year for state cybersecurity safe harbor legislation. Two states, Utah and Connecticut (and Ohio in 2020), have recently enacted or introduced a breach litigation safe harbor to incentivize businesses to protect personal information by adopting industry-recognized cybersecurity frameworks such as the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework and the Center for Internet Security’s (CIS) Critical Security Controls.

Also requires that a covered entity’s written cybersecurity program “reasonably conform to an industry-recognized cybersecurity framework.” It lists “the framework for improving critical infrastructure developed by [the National Institute of Standards and Technology]” (NIST) and the “Center for Internet Security Critical Controls for Effective Cyber Defense” (CIS), among others, as industry-recognized.

For the second time, DFS has fined a regulated entity for failure to comply with the Cybersecurity Regulation.

Connecticut might soon follow Ohio and Utah by enacting a law that offers liability protection against ransomware and other cyberattacks, but only if victims follow security best practices.

On 1 February 2021, FINRA issued its 2021 Report on FINRA's Examination and Risk Monitoring Program ("FINRA Report") and a bit more than a month later, the SEC’s recently renamed Division of Examinations issued its own 2021 Examination Priorities ("Exam Priorities"). Each of these documents is quite long, with the FINRA report at 44 pages and the Exam Priorities document at 36 pages, and although there are some differences in focus and scope, we did find some common themes, which we have chosen to highlight in what we hope will be a helpful summary.

Closing The Gap Between Paper and Electronic Devices!

Advisor Armor is proud to release Applet Version 1.8 which provides customizable cybersecurity policy enforcement across unlimited endpoints including desktops, laptops, tablets, and mobile devices under a single user license. This novel software scans, notifies and reports policy conformance in real-time.

This month marks one year since unprecedented lockdown restrictions were first introduced throughout the world, as governments scrambled to try and slow the spread of COVID-19. As part of these measures, non-essential businesses were forced to close their physical premises and move to digital/remote working models in order to continue functioning. This precipitated a virtually overnight shift to remote working for a huge number of people and organizations.