Compliance & Enforcement

With over a combined 25 years of business, legal, and technical experience, The Law Office of John J. Cooney, P.C. offers comprehensive legal strategies and solutions for businesses working seamlessly with management and any existing counsel in an efficient manner. John’s firm concentrates on General Counsel services, Pre-Litigation Investigation, Defense, and Compliance services, as well as the Cybersecurity arena.

John J. Cooney, Esq

SEC Adopts Proposed Cybersecurity Disclosure Rules

As you know, the Securities and Exchange Commission (SEC)  has been working on new cybersecurity disclosure rules for over a year. A few days ago, the SEC adopted the new rules on a vote of…

FINRA’s Guidance and Insights Concerning Cybersecurity

Earlier this year, the Financial Industry Regulatory Authority (“FINRA”) published its 2023 Report on FINRA’s Examination and Risk Monitoring Program (the “Report”). The Report emphasized that FINRA believes “cybersecurity remains one of the principal operational…

SEC Rule Nearing Implementation

Although the last few updates have concerned the New York Department of Financial Services (“DFS”) and its proposed amendments to its Cybersecurity Regulation, 23 NYCRR Part 500, it is important to remember that the Securities…

2023 and DFS Proposed Amendments

As discussed prior, in late 2022 the New York Department of Financial Services (“DFS”) published proposed amendments to its Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Amendments”). If the Proposed Amendments are adopted, they would…

Cybersecurity Insurance Developments

The cybersecurity insurance market continues to evolve and there are some important developments for your consideration.  In short, although cybersecurity insurance is an important component in your cybersecurity plan (e.g., mitigating costs), it is critical…

SEC Proposes New Cybersecurity Rules

As you may remember, earlier this year the Securities and Exchange Commission (SEC) voted to propose cybersecurity rules and amendments related to disclosures, risk management and security incidents for registered investment advisers and registered investment…

DFS and SEC Warn Financial Entities of Heightened Cybersecurity Risk

Both the New York State Department of Financial Services (“DFS”) and the Securities and Exchange Commission (“SEC”) have warned financial entities that Russia’s invasion of Ukraine will likely result in an elevated number of cyber-attacks and…

SEC Votes to Propose Rules For Cybersecurity Concerning RIAs

As discussed in the prior update, the Securities and Exchange Commission (SEC), and specifically the Chair of the SEC, Gary Gensler, emphasized the SEC’s cybersecurity focus during his address at the 2022 Annual Securities Regulation…

SEC Provides More Insight into 2022 Plans

As discussed in prior updates, the Securities and Exchange Commission (SEC) has increased its efforts with regard to cybersecurity.  Towards that end, Chair of the SEC, Gary Gensler, discussed the SEC’s cybersecurity focus during his address at the…

Capital One Hacks

In the summer of 2019, Capital One discovered that a hacker had accessed private data for more than 100 million Capital One customers, including data that was part of their credit card applications, such as…

Cybersecurity Focus for SEC Will Continue for 2022

In past posts, we discussed increased enforcement efforts by the Securities and Exchange Commission (SEC). The SEC’s focus should have come as no surprise given that in early 2021, the SEC highlighted information protection and cybersecurity as key…

The SEC Strikes Again

In the last newsletter, we discussed the Securities and Exchange Commission (SEC) and its recent enforcement efforts.   Specifically, how the SEC and the New York Department of Financial Services (DFS) have been pursuing entities for failure to…

Look Out, Here Comes the SEC

In the last few posts, we discussed the NYS Department of Financial Services (“DFS”) and its enforcement efforts.   Specifically, NY DFS has been going after entities for failure to report prior breaches.   For example, DFS…

A Deeper Look at the Criteria for Reporting a Breach to NYDFS

In the last newsletter, we discussed the NYS Department of Financial Services (“DFS”) recent efforts and its overall posture of ramping up enforcement.  One of the important points that we noted was that the hefty multi-million…

Critical Point in Recent NYS DFS Enforcement Actions

In the last post, it was noted that the NYS Department of Financial Services (“DFS”) was ramping up enforcement of its Cybersecurity Regulation as evidenced by two recently announced multi-million dollar settlements.  One of the…

NYDFS Ramps Up Enforcement Actions

The NYS Department of Financial Services (“DFS”) has recently announced two multi-million dollar settlements and has increased enforcement of its Cybersecurity Regulation. It is important to note that DFS has announced three enforcement actions since…

Compliance & Enforcement

with John J. Cooney, Esq
More >

Cybersecurity Timeline

about Regulations & Hackers
More >

Compliance Challenges

about Regulations & Hackers
More >