Cyber risks and threats continue to evolve and firms are under pressure to meet SEC and FCA expectations for operational resilience as well as their own internal and client expectations for cybersecurity and privacy. Stay current on the latest cybersecurity, privacy, and risk threat and regulatory alerts and build your cybersecurity and privacy knowledge with insights from our cybersecurity and technology risk experts.
Insights and Alerts
Ransomware is an evolving and serious problem, particularly for financial services firms. In the first of a three-part blog series, we answer the question, “Why is ransomware a threat to my business?"
Remote attackers can exploit a flaw in Fortinet to gain unauthorized access to devices, and then exfiltrate data or perform other criminal activities from within the breached network.
The U.S. TSA and DHS have issued a directive to operators of fuel and gas pipelines that requires them to improve their cybersecurity defenses.
- Portfolio Company Risk Management
Protecting Your Business as Offices Reopen: A Seven Step Cybersecurity Action Plan for Physical and Hybrid Work Environments
ACA Aponix’s cybersecurity experts have developed the following action plan to help your firm review, revise, and implement a strong cyber program that will help protect your firm against reputational and financial damage as well as meet regulatory obligations, no matter what type of work model you’re employing.
- Cybersecurity Resources
This was the topic of discussion between the SEC’s Keith Cassidy, Head of the SEC’s Technology and Controls Program, and ACA Aponix® partner Mike Pappacena, during ACA’s spring conference. They discussed why the threat of a cyber-attack is so acute for investment advisers, how they can best protect themselves and their clients, and what the SEC expects from investment advisers’ cyber programs. Here are some highlights from their conversation.
Kaseya has warned of an active attack against a number of its customers using Kaseya’s VSA remote monitoring and management (RMM) platform. The attackers are using the platform to deliver REvil ransomware to systems, demanding $44,999 in funds to reclaim access to data.