BROWSE BY TOPIC
- Bad Brokers
- Compliance Concepts
- Investor Protection
- Investments - Unsuitable
- Investments - Strategies
- Investments - Private
- Features/Scandals
- Companies
- Technology/Internet
- Rules & Regulations
- Crimes
- Investments
- Bad Advisors
- Boiler Rooms
- Hirings/Transitions
- Terminations/Cost Cutting
- Regulators
- Wall Street News
- General News
- Donald Trump & Co.
- Lawsuits/Arbitrations
- Regulatory Sanctions
- Big Banks
- People
TRENDING TAGS
Stories of Interest
- Sarah ten Siethoff is New Associate Director of SEC Investment Management Rulemaking Office
- Catherine Keating Appointed CEO of BNY Mellon Wealth Management
- Credit Suisse to Pay $47Mn to Resolve DOJ Asia Probe
- SEC Chair Clayton Goes 'Hat in Hand' Before Congress on 2019 Budget Request
- SEC's Opening Remarks to the Elder Justice Coordinating Council
- Massachusetts Jury Convicts CA Attorney of Securities Fraud
- Deutsche Bank Says 3 Senior Investment Bankers to Leave Firm
- World’s Biggest Hedge Fund Reportedly ‘Bearish On Financial Assets’
- SEC Fines Constant Contact, Popular Email Marketer, for Overstating Subscriber Numbers
- SocGen Agrees to Pay $1.3 Billion to End Libya, Libor Probes
- Cryptocurrency Exchange Bitfinex Briefly Halts Trading After Cyber Attack
- SEC Names Valerie Szczepanik Senior Advisor for Digital Assets and Innovation
- SEC Modernizes Delivery of Fund Reports, Seeks Public Feedback on Improving Fund Disclosure
- NYSE Says SEC Plan to Limit Exchange Rebates Would Hurt Investors
- Deutsche Bank faces another challenge with Fed stress test
- Former JPMorgan Broker Files racial discrimination suit against company
- $3.3Mn Winning Bid for Lunch with Warren Buffett
- Julie Erhardt is SEC's New Acting Chief Risk Officer
- Chyhe Becker is SEC's New Acting Chief Economist, Acting Director of Economic and Risk Analysis Division
- Getting a Handle on Virtual Currencies - FINRA
ABOUT FINANCIALISH
We seek to provide information, insights and direction that may enable the Financial Community to effectively and efficiently operate in a regulatory risk-free environment by curating content from all over the web.
Stay Informed with the latest fanancialish news.
SUBSCRIBE FOR
NEWSLETTERS & ALERTS
FOLLOW US
SEC Criticized for Lax Data Protection
Carl Hoecker - We'll Be Hearing A Lot From Him in the Future.
[ by Howard Haykin ]
For Carl Hoecker, the new SEC Inspector General, it was his first audit since taking over for former Inspector General H. David Kotz, who left the agency in early 2012.
In 2 separate audits completed late last month, the SEC's new Inspector General found vulnerabilities in the SEC's information technology system. Sensitive non-public information could be compromised if the SEC fails to take additional steps to improve its internal controls, an agency watchdog has found.
- In the 1st audit, dated 3/25/13, Mr. Hoecker examined how well the SEC maintains controls to protect sensitive information that it shares with the U.S. Financial Stability Oversight Council, or FSOC, a body of regulators that guards against systemic risks.
- The 2nd audit, dated 3/29/13, reviewed the SEC's compliance with the Federal Information Security Management Act, a federal law that lays down a framework for government agencies to protect themselves against threats and ensure data is secure.
Both audits were conducted as routine reviews to ensure compliance with federal rules and regulations, and were not investigating any wrongdoing.
Results Run Counter to Administration Objectives. The White House wants critical companies to comply with minimum security standards and also wants to help protect private information turned over to the government. The audit findings also coincide with renewed negotiations between Congress and the White House on legislation aimed at improving U.S. defenses against cyber attacks.
Where the SEC Tripped Up. Hoecker's 3/25 audit found, among other things, that:
- SEC needs to take more steps to safeguard critical information provided by such companies as hedge funds.
- Such information, largely proprietary in nature, is later reviewed by the FSOC.
-
SEC lacks controls for remote accessing of government servers: employees and contractors are subject to no restrictions or preventive controls when using a non-government computer to remotely access e-mail via the Internet, or and when uploading or saving non-public information.
- "As a result, sensitive or nonpublic information could potentially be saved to a non-SEC computer."
- "There is a risk that an unauthorized person could gain access to sensitive or nonpublic SEC information."
- Based on an earlier account of these audit findings, the SEC is not aware, and does not believe, that any sensitive information was actually compromised.
The second audit found, in general, that:
- SEC needs to improve how it continually monitors the security of its systems;
-
SEC should properly disable network accounts for employees or contractors at the time they leave the Agency.
- Failure to disable these accounts, enables unauthorized employees and/or contractors to maintain access to the SEC's network.
The SEC concurred with the recommendations and said it would take steps to correct the problems.
For further details, go to: [Reuters, 4/3/13].
Related Stories: Archive
-
Legal Funding Firm Accused of Scamming 9/11 Heroes, NFL Retirees
February 8, 2017 -
Elizabeth Warren, Wall Street Pariah, Now Has Lost Her Left-Wing Following
January 19, 2017 -
What We Know and Don’t Know About the Trump-Russia Dossier
January 11, 2017