Call Us Today! (866) 435-8364

OCIE

Cayman Islands Investment firm exposes sensitive client information!

A Cayman Islands investment firm's backups stored in a Microsoft Azure Blob Storage was not secured properly thus resulting in a potential leak of personal banking information, individual passport data, and other sensitive information. A researcher discovered the gaping hole left open by the firm’s Hong Kong based IT provider via a special search engine

OCIE issues a new alert: “Credential Stuffing”

Yesterday The Office and Compliance Inspections and Examinations ("OCIE") issued an alert about safeguarding client accounts against credential compromise that highlighted the issue of "credential stuffing attacks". Credential stuffing is a type of cyber attack where many compromised user credentials are tried against systems to gain unauthorized access, using automated means. Over the past few

2020-12-31T18:42:56-05:00September 16th, 2020|BEC, Business Email Compromise, Cyber, Hackers, Hedge Fund, OCIE, Password, Phishing, Private Equity, RIA, SEC|

OCIE issues a new Cybersecurity: Ransomware Alert

Today the OCIE issued a Ransomware Alert, highlighting an uptick in sophisticated social engineering and other cyber campaigns, designed to infiltrate the networks of financial institutions to access sensitive information and/or to deploy ransomware. As a reminder, ransomware actors typically demand monetary payment for the return of data. We can spend time regurgitating what was

Have you considered the work from home risks?

Have you made the decision to allow employees to work from home or are you still contemplating the idea? If work from home is or will be the preferred method for the unforeseeable future, there are some things you should do to maintain your compliance and security posture. Here are some risks you should be

CFTC issues alerts and expects responses!

In December 2019, the U.S. government issued indictments against two hackers who were allegedly involved in a multiyear effort to penetrate the systems of several IT Vendors and Managed Services Providers (MSPs). The attack known today as the “Cloud Hopper Mega Hack” was first noticed in 2016, as indicated by the Wall Street Journal. Preview

2020-12-31T18:43:52-05:00January 9th, 2020|CFTC, Cyber, OCIE, Regulatory, SEC|

Cybersecurity Alert – OCIE – Safeguarding Customer Records and Information in Network Storage – Use of Third Party Security Features

Alert On May 23, 2019, the Office of Compliance Inspections and Examinations ("OCIE") issued the alert "Safeguarding Customer Records and Information in Network Storage - Use of Third Party Security Features". In this alert the OCIE 'identified security risks associated with the storage of electronic customer records and information by broker-dealers and investment advisers in

2020-04-27T10:29:52-04:00May 27th, 2019|Cyber, OCIE|
Go to Top