Cybersecurity and Risk Insights and Alerts
Cyber risks and threats continue to evolve, and firms are under pressure to meet SEC and FCA expectations for operational resilience as well as their own internal and client expectations for cybersecurity and privacy. Stay current on the latest cybersecurity, privacy, and risk threat and regulatory alerts, and build your cybersecurity and privacy knowledge with insights from our cybersecurity and technology risk experts.
ACA Aponix Cybersecurity Checklist
Cyber alerts and insights

FINRA Warns of Fake Agency Website
FINRA issued an alert regarding the appearance of a fake website purporting to be from the authority. The fake website uses the domain “finnra.org” in which the letter “n” appears twice.
- Cybersecurity
- Phishing

Highlights from the 2020 NSCP / ACA Aponix Cybersecurity Compliance Programs Survey
Benchmarking your firm’s cybersecurity program against those of your peers is a smart way to identify the compliance gaps your firm should address. Here are the results of the 2020 NSCP / ACA Aponix Cybersecurity Compliance Programs Survey.
- Cybersecurity

Is It Time to Reset Your Password Reset Policy?
Many authorities are questioning whether mandatory password reset policies are worth the hassle. Get ACA's guidance on when, if ever, you can remove or relax your password reset policy.
- Cybersecurity

Third-Party Risk Management: Collaborating for Results
Running vendor management or third-party risk management (TPRM) programs can be a complicated process for both consumers and providers of services. Here are some of the current challenges with due diligence and opportunities to improve the process for all parties involved.
- Cybersecurity

Critical Vulnerability Identified in Windows Servers
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert identifying a critical vulnerability affecting all versions of Microsoft® Windows Server® configured with the Domain Name System (DNS) role enabled. The vulnerability could potentially allow a remote attacker to gain control of affected systems.
- Cybersecurity

European Union Court Strikes Down Key EU-U.S. Data Sharing Agreement
The Court of Justice of the European Union (CJEU) has determined that the Privacy Shield agreement, a key data sharing agreement that allows signatory U.S. companies to transfer EU resident personal data to the U.S., is no longer valid. Learn what action you may need to take due to this change.
- Cybersecurity