Data Security Law Journal Focusing on legal trends in data security, cloud computing, data privacy, and anything E

Category Archives: SEC

Subscribe to SEC RSS Feed

The SEC Makes Clear There is No Room For Error in Cybersecurity

Posted in Being Proactive, Data Breach, Data Security, SEC

The SEC recently agreed to a $1,000,000 settlement of an enforcement action against Morgan Stanley for its failure to have sufficient data security policies and procedures to protect customer data. The settlement was significant for its amount. The true noteworthiness here, however, lies not in the end result but the implications of how it was… Continue Reading

The SEC Is Cracking Down on Companies That Do Not Disclose Cyber Incidents

Posted in Data Security, SEC

As I wrote in a previous post, the Securities and Exchange Commission’s (SEC) Division of Corporation Finance issued a Disclosure Guidance on October 13, 2011, that states publicly traded companies may be obligated to disclose cyber incidents and the risk of cyber incidents, depending on the application of various factors. Now, according to a recent… Continue Reading