ACA Spotlight Blog

GRC Spotlight Blog

Cybersecurity

Insights and guidance from ACA's team of experienced compliance and technology professionals.

Categories
M&A Due Diligence and Portfolio Oversight: Minimizing Cyber and Privacy Risks During the Deal Lifecycle
May 30, 2019

Is your firm prepared for the SEC's new cyber focus areas for 2019? Find out what your firm needs to know, and what you can do to prepare.

The Secret Ingredient for Effective Vendor Risk Management
May 30, 2019

Vendor risk management can be painful, time-consuming, and expensive. Get the secret ingredient to capture the full range of vendor risks in our latest blog post.

SEC’s OCIE Issues Risk Alert on Data Storage Security
May 28, 2019

On May 23, the U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert regarding the security associated with cloud and network data storage solutions.

SEC Conducting Cyber Compliance Examination Sweep of Registered Investment Advisers (RIAs)
May 22, 2019

The U.S. Securities and Exchange Commission (SEC) has commenced a series of cybersecurity examinations on registered investment advisers (RIAs) which targets Form ADV data related to cloud service providers.

New Intel Chip Security Vulnerability
May 15, 2019

On May 14, Intel announced a series of security vulnerabilities in its central processing unit (CPU) chips. The vulnerabilities are collectively labeled Microarchitectural Data Sampling (MDS).

Surveillance Attack Discovered in WhatsApp
May 14, 2019

On May 13, Facebook announced a vulnerability in its popular WhatsApp messaging service. The vulnerability allows attackers to install spyware on smartphones by simply placing a voice call to WhatsApp on the device.

Cost-Effective Cybersecurity Diligence Service for PE Investment Teams
April 24, 2019

Cyber incidents at portfolio companies can drastically diminish their investment value. To help PE investment teams mitigate cyber risks, we're excited to announce our cost-effective cybersecurity diligence service.

Critical Vulnerability Discovered in Internet Explorer
April 18, 2019

On April 10, researchers published information on a critical vulnerability in Microsoft’s Internet Explorer® (IE) browser.

Vulnerabilities Discovered in VPN Applications
April 12, 2019

On April 11, researchers from the Carnegie Mellon Software Institute announced security vulnerabilities in multiple virtual private network (VPN) applications.

Vulnerabilities Discovered in Verizon Fios Routers Affecting Millions
April 10, 2019

On April 9, researchers discovered three serious vulnerabilities in the Verizon Fios Quantum™ Gateway (G1100) router.

SEC Updates Document Request List for Cybersecurity Examinations
April 9, 2019

The SEC's OCIE recently updated their document request list for cybersecurity examinations. Find out what's new in the document request list and how your firm should prepare for a cyber examination.