ACA Spotlight Blog

ACA Spotlight Blog

Risk and compliance alerts, insights, and resources for financial services firms
 

Subscribe

Cybersecurity

 

August 10, 2020
Benchmarking your firm’s cybersecurity program against those of your peers is a smart way to identify the compliance gaps your firm should address. Here are the results of the 2020 NSCP / ACA Aponix Cybersecurity Compliance Programs Survey.
July 31, 2020
Many authorities are questioning whether mandatory password reset policies are worth the hassle.  Get ACA's guidance on when, if ever, you can remove or relax your password reset policy.
abstract motion blur cybersecurity composite
July 22, 2020
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert identifying a critical vulnerability affecting all versions of Microsoft® Windows Server® configured with the Domain Name System (DNS) role enabled. The vulnerability could potentially allow a remote attacker to gain control of affected systems. 
connected tiles abstract
July 22, 2020
Running vendor management or third-party risk management (TPRM) programs can be a complicated process for both consumers and providers of services. Here are some of the current challenges with due diligence and opportunities to improve the process for all parties involved.
abstract motion blur cybersecurity composite
July 20, 2020
The Court of Justice of the European Union (CJEU) has determined that the Privacy Shield agreement, a key data sharing agreement that allows signatory U.S. companies to transfer EU resident personal data to the U.S., is no longer valid. Learn what action you may need to take due to this change.
CCPA image
July 17, 2020
The California Consumer Privacy Act (CCPA) went into effect on 1/1/20 and enforcement began on 7/1/20. There has already been considerable activity on the class action front, much of it even before the enforcement date. Review what you need to do to avoid CCPA penalties.
abstract motion blur cybersecurity composite
July 13, 2020
The SEC OCIE has issued an alert warning of an increase in the sophistication of ransomware attacks against SEC registrants with attackers using advanced phishing and other social engineering tactics to penetrate financial institution networks and install malware that limits company access to data until a ransom is paid. 
CCPA image
June 29, 2020
As we approach the California Consumer Privacy Act (CCPA) enforcement deadline you may be wondering what happens next. We have updated our CCPA FAQs with the most up-to-date information.
abstract motion blur cybersecurity composite
June 16, 2020
On June 15, 2020 widespread voice and data outages were reported across the U.S with disruptions in service among major cell service carriers, internet service providers, social media platforms, gaming sites, streaming services, banking services, delivery services, and teleconferencing platforms.
May 11, 2020
Read how a private equity energy investor experiencing increased cyber threats to its portfolio companies worked with ACA Aponix to deploy a comprehensive risk management solution to cover all of the firm’s oil and gas portfolio companies. 
Lynx Case Study
May 7, 2020
Read how Lynx FBO Network (Lynx) in the general aviation industry worked with ACA Aponix to execute a Holistic Technology and Cybersecurity Risk Assessment.
abstract motion blur cybersecurity composite
May 7, 2020
Web hosting giant GoDaddy® has suffered a breach affecting thousands of users, per reports of security researchers. The data breach occurred in October 2019, but was first discovered on April 23rd of this year.