ACA Spotlight Blog

ACA Spotlight Blog

Regulatory compliance, risk, and technology insights and news

Subscribe

Cybersecurity

 

LGPD FAQs
July 17, 2019
The Lei Geral de Proteção de Dados (LGPD) is a sweeping data privacy regulation that goes into effect on February 15, 2020. Download our FAQs to find out what you need to know and how the law applies to your company.
FCA alert
July 12, 2019
A recent Freedom of Information request to the UK’s Financial Conduct Authority (FCA) by accounting firm RSM revealed that 819 cyber incidents were reported to the FCA during 2018 – almost a 12-fold increase from the 69 cyber incidents reported to the FCA in 2017.
british airways alert
July 8, 2019
The UK's ICO plans to fine British Airways £183.39m ($230M) under the General Data Protection Regulation (GDPR) for a breach that occurred in 2018. The proposed penalty represents the largest fine of a company since GDPR came into force.
Cyber Alert: Vulnerability Discovered in Microsoft Excel; Rise in Spear-Phishing Attacks
June 28, 2019
This alert contains information about a vulnerability discovered in Microsoft® Excel®, as well as information about a recent rise in spear-phishing attacks attributable to heightened international tensions.
re-Deal IT Due Diligence
June 26, 2019
Our M&A Due Diligence Challenges blog series addresses the changing nature of IT, cybersecurity, and data privacy and how investors can manage these risks and increase their chances of achieving a successful M&A transaction. We also discuss tales from the trenches and lessons learned from M&A due diligence we have performed for clients.
M&A Due Diligence and Portfolio Oversight: Minimizing Cyber and Privacy Risks During the Deal Lifecycle
May 30, 2019
Is your firm prepared for the SEC's new cyber focus areas for 2019? Find out what your firm needs to know, and what you can do to prepare.
The Secret Ingredient for Effective Vendor Risk Management
May 30, 2019
Vendor risk management can be painful, time-consuming, and expensive. Get the secret ingredient to capture the full range of vendor risks in our latest blog post.
SEC’s OCIE Issues Risk Alert on Data Storage Security
May 28, 2019
On May 23, the U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert regarding the security associated with cloud and network data storage solutions.
SEC Conducting Cyber Compliance Examination Sweep of Registered Investment Advisers (RIAs)
May 22, 2019
The U.S. Securities and Exchange Commission (SEC) has commenced a series of cybersecurity examinations on registered investment advisers (RIAs) which targets Form ADV data related to cloud service providers.
How to Remove the Pain from Vendor Due Diligence
May 16, 2019
Third-party risk management can be painful, time-consuming, and expensive. Get the pain-free solution to effective vendor due diligence in our latest blog post. 
New Intel Chip Security Vulnerability
May 15, 2019
On May 14, Intel announced a series of security vulnerabilities in its central processing unit (CPU) chips. The vulnerabilities are collectively labeled Microarchitectural Data Sampling (MDS).
Surveillance Attack Discovered in WhatsApp
May 14, 2019
On May 13, Facebook announced a vulnerability in its popular WhatsApp messaging service. The vulnerability allows attackers to install spyware on smartphones by simply placing a voice call to WhatsApp on the device.