• Aug
    10
    Further Scrutiny of Cybersecurity Policies and Procedures for UK Firms

    The UK government has opened a consultation on the Network and Information Systems (NIS) Directive from the European Commission, which aims to increase the security of network and information systems with the European Union. The directive relates to loss of service, and will run alongside the GDPR, which focuses on data protection and loss of…

    Read more >

  • Aug
    7
    Considering Cloud?

    Firms which may be considering a move, partial or otherwise, to cloud-based services, will need to work through a checklist to ensure all the bases are covered, that the firm is not exposed to any forthcoming regulations, and that the data will be adequately protected. It’s a common misconception that the cloud is not as…

    Read more >

  • Aug
    4
    Is Your Company Compliant with NYDFS’ Cybersecurity Regulations?

    In March, the New York Department of Financial Services (NYDFS) issued Cybersecurity Regulations (23 NYCRR 500) that further expounded requirements that were not previously included or specifically defined in the SEC OCIE release. The Cybersecurity Regulations took effect on March 1, 2017 and Covered Entities have a 180-day transitional period to comply with requirements. In…

    Read more >

  • Aug
    2
    Record, Retain, Remove, Repeat

    I’ve written quite a lot about the imminent GDPR and MiFID ii regulations which are coming into effect next year, and about how firms will require some fairly serious system refreshes if they are to comply properly. However, there is one specific element which is common across both pieces of regulation that could cause some…

    Read more >