Join ACA and AIMA for a discussion of the upcoming UK Investment Firm Prudential Regime
Cyber threats are constantly evolving, so it’s important to stay on top of new threats and address them as quickly as possible. We provide cyber alerts and ongoing monitoring to help protect your company from cyber attacks. We also offer phishing testing and monitoring services to protect your business.
One of the simplest ways a hacker can penetrate your network is via email using a tactic called phishing, or, in a targeted effort, spear-phishing. Successful phishing, vishing (telephone-based phishing), and spearphishing can lead to ransomware, payment fraud, and other cyber crimes. The FBI has reported that people lost $57 million to phishing schemes in 2019.
We deploy targeted email campaigns that are designed to test your employee’s ability to identify phishing threats. We use the results of our phishing tests as part of our staff security training, which covers phishing identification and other essential skills and tools for identifying threats and preventing data breaches.
We periodically issue timely alerts on cyber events and technology concerns that may be relevant to your business. Our alerts provide strategic guidance to help you protect your company and understand how to best prevent or remediate issues.
Over 100,000 domains are registered every day, many for malicious purposes. We monitor newly registered domain names and alert you when a domain name that resembles your firm’s domain is registered so that your firm can take action to combat attempts to steal sensitive information or infringe on your firm’s intellectual property.
Hackers often post sensitive data about their victims or targets on anonymous paste sites to share with the broader hacker community. We monitor select anonymous paste sites for mentions of your firm’s domain or IP addresses, as these could be indicators of an upcoming or ongoing attack.
Aponix Protect™ comprehensive cybersecurity and technology risk solution
Aponix Protect helps firms address evolving cyber risks and threats to ensure that their cybersecurity needs are covered year-round. This solution is available in three tiers, each one designed to provide firms with a flexible, robust, responsive, and cost-effective cybersecurity program.
September 22, 2021
Our Ransomware 101 blog series addresses multiple aspects of the ransomware issue, including what you should know and what you should do to protect your firm, your clients, and your finances. In part one, we discussed the evolving and growing threat of ransomware. In this article (part two), we’ll provide a framework for what your organization can do to prevent and detect ransomware attacks.
September 15, 2021
A vulnerability has been discovered in Apple products that enables the installation of unauthorized software without the user's permission. The vulnerability is actively used to install Pegasus spyware on devices, allowing user activities to be surveilled by an external party.
September 09, 2021
Microsoft reports a previously unseen “zero-day” attack that uses Office files tainted with specially crafted Active X controls. Once opened, these controls create a vulnerability that enables perpetrators to perform remote code execution.
September 02, 2021
The Personal Information Protection Law of the People's Republic of China is scheduled to go into effect on November 1, 2021. This new law affects all companies and other entities, both inside and outside of China, engaged with personal information about individuals residing in China.
August 31, 2021
ACA’s Spring 2021 Virtual Conference was an opportunity for the regulatory compliance, performance, and cybersecurity community to come together and discuss the many changes of the past year and what the future of GRC looks like moving forward.
- GIPS Standards
- Regulatory Technology
August 31, 2021
The SEC announced that it sanctioned eight firms for failure to establish and implement cybersecurity policies and procedures. These failures resulted in multiple instances of criminal email account takeovers causing personally identifiable information from thousands of customers and clients to be exposed.
The acquisition of Catelas further enhances the holistic surveillance capabilities of ACA’s RegTech platform. Catelas’ patented technology automates the mapping of how people connect and form groups within a firm, isolates collusion risk, and detects high-risk behaviors.
ACA Group (ACA), a leading provider of governance, risk, and compliance (GRC) advisory services and technology solutions, today announced that it has entered into a strategic partnership with the Investment Adviser Association (IAA), a leading organization dedicated to advancing the interests of investment advisers.
ACA Group Continues to Enhance Compliance Team with New Hires: Former CCOs, Examiners, and General Counsels
ACA has recently welcomed several new members to our investment adviser practice, all of whom bring years of experience and skills to the team. These additions help us accommodate the developing regulatory landscape and meet our client’s specific needs.
Compliance is Easier Than You Think: Claiming Compliance with 2020 GIPS® Standards for Alternative Investment Managers
ACA recently released a white paper series that covers those details managers need to know to claim compliance with the 2020 Global Investment Performance Standards. Join ACA for a webcast discussion to review how to claim compliance.
The ever-increasing focus by the Regulators on the accountability of senior management, particularly when things go wrong, emphasises how important it is for individuals in senior positions to have a clear understanding of what is expected of them. This succinct course is designed to assist Senior Managers to have a full understanding of what they need to do to achieve compliance with the rules under the obligations created by the Senior Managers and Certification Regime (SMCR).