Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Is a cyber-attack ”Force Majeure”? Je ne crois pas!

Force majeure clauses are designed to address the risk of events which arise during the course of a contract and are beyond the control of the parties. These clauses can operate to suspend the performance of obligations for the duration of the force majeure and without liability, affording the affected party the opportunity to restore business-as-usual operations. They are the...

FTC Reviews Security Updates Practices of Eight Mobile Device Manufacturers

The Federal Trade Commission is requiring eight mobile device manufacturers to provide the FTC with information about how they determine to issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices. The FTC plans to use these filings to study policies, procedures, and practices used to notify customers and determine whether to provide security...

The SEC’s Cybersecurity Enforcement Action: Rulemaking by Enforcement

The Securities and Exchange Commission recently brought an enforcement action against an investment adviser that, like a large number of companies, was the victim of a cyberattack. Although the SEC did not allege that any of the firm’s clients suffered harm, the Commission nonetheless sanctioned the firm for its allegedly unreasonable policies and procedures. In their article for...

SEC Charges Investment Adviser with Failure to Adopt Required Cybersecurity Policies Prior to Breach

On September 22, the Securities and Exchange Commission (SEC) announced that it had entered into a settlement order with R.T. Jones Capital Equities Management, Inc., a St. Louis-based SEC registered investment adviser, for failure to establish required cybersecurity policies and procedures in advance of a breach. As a result of the firm’s failure to adopt reasonable cybersecurity...

They’re Baaaack . . . SECs Office of Compliance Inspections and Examinations Releases New Cybersecurity Risk Alert

Yesterday, the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert describing OCIE’s 2015 cybersecurity exam initiative.  [link to www.sec.gov/ocie/announcement/ocie-2015-cybersecurity-examination-initiative.pdf].  As the Risk Alert notes, OCIE’s new cybersecurity initiative builds on information OCIE learned from...

« Older Entries