On March 21, 2020, the data security provisions of New York’s Stop Hacks and Improve Electronic Data Security Act went into effect. The SHIELD Act requires any person or business owning or licensing computerized data that includes the private information of a resident of New York to implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of the private information.
Continue Reading

On March 4, 2020, the UK Information Commissioner’s Office fined the international airline Cathay Pacific Airways Limited GBP 500,000 for failing to protect the security of its customers’ personal data. The fine was issued under the Data Protection Act 1998 and represents the maximum fine available under the DPA.
Continue Reading

The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations recently announced the publication of a report entitled “Cybersecurity and Resiliency Observations” that summarizes the observations gleaned from OCIE’s cybersecurity examinations of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants.
Continue Reading