Cybersecurity and Risk Insights and Alerts

Cyber risks and threats continue to evolve, and firms are under pressure to meet SEC and FCA expectations for operational resilience as well as their own internal and client expectations for cybersecurity and privacy. Stay current on the latest cybersecurity, privacy, and risk threat and regulatory alerts, and build your cybersecurity and privacy knowledge with insights from our cybersecurity and technology risk experts.

ACA Aponix Cybersecurity Checklist

Download and review the following cybersecurity safeguards and evaluate your firm’s cybersecurity program.

Cyber alerts and insights

lock

2024 Cybersecurity Benchmarking Survey

ACA has partnered with NSCP to gather data on cybersecurity trends, policies, and challenges across the financial services industry.

Survey
  • Cybersecurity
Snow in Central Park

U.S. Regulatory Update – Winter 2023

This update covers the SEC's 2023 enforcement results, implications of the Corporate Transparency Act, the DOL's new fiduciary rule proposal, the CFTC's new blueprint for enforcement, and more.

Newsletter
  • Compliance
  • Cybersecurity
Will SM&CR Pass its own fit and proper test

AI in UK Financial Services: Unbelievable Potential is Not Without Compliance Risk

The latest joint discussion paper FS2/23 issued by the BoE, FCA, and PRA outlined that the existing UK regulatory frameworks encompass ways in which AI is being used.

Article
  • Compliance
  • Cybersecurity
curved glass building looking up at a blue sky

SEC Conducts Sweep of AI Use by Investment Advisers

As part of the SEC’s recent focus on AI, the Division of Examinations has initiated a sweep of investment advisers on how AI-based tools are being used by the firms.

Compliance Alert
  • Compliance
  • Cybersecurity
circuit board abstract

Three Eras of Cybersecurity Portfolio Oversight

Cybersecurity oversight of portfolio companies is continually evolving to meet new risks. Three eras can be roughly defined based on different approaches that have been adopted.

Article
  • Cybersecurity
blue smoke and digital

Thousands of Servers Exposed By Citrix Bleed Vulnerability

What is Citrix Bleed? Citrix Bleed (CVE-2023-4966) is a critical vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway appliances. It is now being targeted by the Russian ransomware gang, LockBit.

Cyber Alert
  • Cybersecurity