SEC Recommendations to Protect Against Cybersecurity Threats
March 09, 2020 —
Shaia Araghi and Jeffrey Dennis – Newmeyer DillionWhat Happened?
The Securities and Exchange Commission's Office of Compliance Inspections and Examinations ("OCIE") issued a detailed
report on January 27, 2020 regarding various ways for organizations to safeguard data and protect against security and data breaches. Cyber threat actors are now invading data in a more sophisticated manner than ever before, and implementation of the SEC's recommended practices are essential in order to protect from outside vulnerabilities.
What is at Risk?
If market participants fail to implement these recommended policies, they will become more vulnerable to external attacks and data breaches. This can weaken an organization or firm if all employees are not properly trained and informed of the increasing dangers of cybersecurity breaches.
What Can You Do to Protect Yourself from a Cybersecurity Threat?
1.
Governance and Risk Management. Senior leaders should make efforts to improve the cyber safety at their organization. Some of these efforts may include:
- Devote attention to overseeing the organization's cybersecurity and resilience programs;
- Develop a risk assessment process to identify and mitigate cybersecurity risks to the organization;
- Adopt and implement policies and procedures regarding these risks;
- Promptly respond and adapt to changes by updating policies and procedures when necessary; and
- Establish communication policies and procedures to provide timely information to customers, employees, and others when needed.
2.
Access Rights and Controls. Implement updated controls to determine appropriate users for organization systems, limit access as appropriate to authorized users (including the set-up of multi-factor authentication) and monitor user access.
3.
Data Loss Prevention. OCIE has recommended various important data loss prevention measures for organizations:
- Establish a vulnerability management program;
- Implement capabilities that can monitor network traffic and detect threats on endpoints;
- Establish a patch management program covering all software and hardware;
- Maintain an inventory of hardware and software assets;
- Encrypt data and implement network segmentation;
- Create an insider threat program to monitor any suspicious behaviors; and
- Secure legacy systems and equipment through disposal of sensitive information from hardware and software and by reassessing vulnerability and risk assessments.
4.
Mobile Security. Establish policies and procedures for mobile device use, manage use of mobile devices through a mobile device management application, implement security measures for internal and external users, and train employees on mobile device policies and effective practices.
5.
Incident Response and Resiliency. Detect and disclose material information regarding incidents in a timely manner and assess appropriateness of corrective actions taken in response to incidents. Organizations should develop a plan if an incident occurs, address applicable reporting requirements, assign staff to execute specific areas of the plan, and test and assess the plan. In the event that a data breach occurs, an organization should improve its resiliency by maintaining an inventory of core business services and prioritizing business operations based on an assessment of risks.
6.
Vendor Management. Establish a vendor management program to ensure that vendors meet your organization's security requirements. Organizations should aim to understand all contract terms with vendors to ensure that all parties are in agreement regarding risk and security. Organizations should also monitor third-party vendors and ensure that the vendor continues to meet the organization's security requirements.
7.
Training and Awareness. Train staff to implement cybersecurity policies of the organization. Organizations should provide cybersecurity and resiliency training and re-evaluate the effectiveness of training procedures.
A Final Reminder for Organizations
Organizations should strive to implement as many of the SEC's recommended protection measures as possible. Ensuring that senior members of an organization are leading the initiative in increased awareness about cybersecurity threats through training of employees will lead to greater cyber safety for the overall organization. Although prevention of all breaches cannot be guaranteed, developing data loss prevention plans to keep the organization and its core businesses safe from attack will benefit the entire organization.
How We Can Help
If you feel that your business falls below the SEC's recommended security measures, our firm can assist with compliance. Contact us for a free initial consultation to determine a reasonable and practical way for your business to become compliant with these guidelines.
Shaia Araghi is an associate in the firm's Privacy & Data Security, and supports the team in advising clients on cyber-related matters, including compliance and prevention that can protect their day-to-day operations. For more information on how Shaia can help, contact her at shaia.araghi@ndlf.com.
Jeff Dennis (CIPP/US) is the Head of the firm's Privacy & Data Security practice. Jeff works with the firm's clients on cyber-related issues, including contractual and insurance opportunities to lessen their risk. For more information on how Jeff can help, contact him at jeff.dennis@ndlf.com.
About Newmeyer Dillion
For 35 years, Newmeyer Dillion has delivered creative and outstanding legal solutions and trial results that achieve client objectives in diverse industries. With over 70 attorneys working as a cohesive team to represent clients in all aspects of business, employment, real estate, environmental/land use, privacy & data security and insurance law, Newmeyer Dillion delivers holistic and integrated legal services tailored to propel each client's success and bottom line. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California and Nevada, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949.854.7000 or visit www.newmeyerdillion.com.
Read the court decisionRead the full story...Reprinted courtesy of
Why Insurers and Their Attorneys Need to Pay Close Attention to Their Discovery Burden in Washington
March 28, 2018 —
Neal Philip – Insurance Law BlogAs previously reported in this blog, Washington case law generally affords insureds a broad right to the discovery of claim file materials, including information that should be protected from disclosure by attorney/client privilege or the work product doctrine.
Cedell v. Farmers Ins. Co. of Washington, 176 Wn.2d 686, 295 P. 3d 239 (2013). The discovery pitfalls created by
Cedell were on full display in a recent Western District of Washington decision that granted an insured’s motion to compel production of work product and attorney/client communications from an insurer’s claims file.
Westridge Townhomes Owners Ass’n v. Great American Assur. Co., 2018 U.S. Dist. LEXIS 27960 (W.D. Wash. February 21, 2018)
The background facts are somewhat unclear, but it appears that the insured in this case made a claim for coverage under two insurance policies and there was an allegedly inadequate response from the insurers. The insured sued its insurers for coverage in 2016 before the insurers issued a declination of coverage letter. The two insurers retained the same attorney to represent them, and that attorney subsequently wrote a declination letter on behalf of the insurers, which was sent to the insured on April 12, 2017. The insured ultimately sought production of the entire claim file, which had not been split between the claim investigation and the coverage litigation. The insurers argued, among other things, that the insured was not entitled to anything after the litigation commenced in 2016 on work product grounds, and certainly was not entitled to communications with their attorney.
Read the court decisionRead the full story...Reprinted courtesy of
Neal Philip, Gordon, Reese, Scully, & MansukhaniMr. Philip may be contacted at
nphilip@grsm.com
Documentation Important for Defending Construction Defect Claims
November 27, 2013 —
CDJ STAFFWhen insurers are faced with a construction defect claim, they want information. Unfortunately, insurers “typically struggle to find the documents we need to understand what exactly happened and why it happened,” according to Robert Kreuzer, second vice president of construction risk control for Travelers. “The documents are either not there, or they’re inaccurate, or we can’t find them.”
Not only does it make determining what happened more difficult, it also slows downs the litigation process. Mr. Kreuzer also noted that by properly documenting and maintaining documents, “you have a better chance of getting yourself out of the dispute, and avoiding that 11-year headache.”
Read the court decisionRead the full story...Reprinted courtesy of
Congratulations to Jonathan Kaplan on his Promotion to Partner!
February 10, 2020 —
Bremer Whyte Brown & O'Meara LLPBremer Whyte Brown & O’Meara, LLP is proud to announce the promotion of Jonathan Kaplan to Partner!
Jonathan has been with the firm for nearly eight years out of our Newport Beach office. He focuses his practice on general liability defense and construction litigation matters, in addition to handling high-profile plaintiff defect cases. Jonathan earned his law degree from Chapman University School of Law, obtaining a certificate in Environmental, Real Estate and Land Use Law, and went to undergrad at the University of Washington. Jonathan is an active participant within the firm’s Hiring Committee and assists with legal recruitment at the prominent Orange County law schools. Jonathan is also an avid hiker and has coordinated several hiking events for our Southern California offices.
Read the court decisionRead the full story...Reprinted courtesy of
Bremer Whyte Brown & O'Meara LLP
Newmeyer & Dillion Ranked Fourth Among Medium Sized Companies in 2016 OCBJ Best Places to Work List
September 01, 2016 —
Newmeyer & Dillion LLPProminent business and real estate law firm
Newmeyer & Dillion LLP is proud to announce that it has been ranked fourth among medium sized companies in the
Best Places to Work in Orange County – 2016 Survey. The firm was the only law firm to make the top 25 of its category. This marks the fifth consecutive year Newmeyer & Dillion LLP has made the list showing that its deep commitment to professionalism and client service is shared and appreciated by its workforce.
Jeff Dennis, Newmeyer & Dillion’s Managing Partner, believes the award is representative of the team effort and atmosphere that is fostered at the firm. “We believe that client satisfaction goes hand-in-hand with work-place satisfaction. By combining an environment in which individual effort is recognized, with a team approach in which everyone is respected, we have achieved the perfect balance for success. We are honored that our employees appreciate our efforts in this regard.”
Created in 2009, the awards program evaluates entries based on workplace policies, practices, demographics and also collects employee surveys to measure overall satisfaction and experience. The Best Companies Group worked alongside the Orange County Business Journal in collecting and analyzing the data and is a partner in the project.
Newmeyer & Dillion has been honored in the July 25 issue of the Orange County Business Journal. For more information on the survey process and to see other award recipients contact Jackie Miller at 877-455-2159 or visit www.BestPlacestoWorkOC.com.
About Newmeyer & Dillion
For more than 30 years, Newmeyer & Dillion has delivered creative and outstanding legal solutions and trial results for a wide array of clients. With over 70 attorneys practicing in all aspects of business, employment, real estate, construction and insurance law, Newmeyer & Dillion delivers legal services tailored to meet each client’s needs. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer & Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949-854-7000 or visit www.ndlf.com.
Read the court decisionRead the full story...Reprinted courtesy of
Buy a House or Pay Off College? $1.2 Trillion Student Debt Heats Up in Capital
June 11, 2014 —
Janet Lorin – BloombergJennifer Day spends 12 percent of her monthly take-home pay on debt that funded a master’s degree in urban and regional planning, money she’d rather be saving toward a home.
“I spend $364 a month for student loans,” said Day, 33, who conducts market research for the hospitality industry at a consulting firm in New Orleans. “To me, that is a down payment or ultimately savings down the line.”
Under legislation sponsored by U.S. Senator Elizabeth Warren of Massachusetts, Day would save about $75 a month on her payments. The bill, which could come up for a vote on the Senate floor as soon as tomorrow, would let 25 million borrowers with federal and private loans refinance their balances at lower interest rates, according to Education Department estimates.
Read the court decisionRead the full story...Reprinted courtesy of
Janet Lorin, BloombergMs. Lorin may be contacted at
jlorin@bloomberg.net
Barratt Said to Suspend Staff as Contract Probe Continues
February 02, 2017 —
Jack Sidders - BloombergBarratt Developments Plc suspended at least three more employees within its London business as part of an ongoing probe into potential misconduct in the awarding of contracts, according to two people familiar with the decision.
Read the court decisionRead the full story...Reprinted courtesy of
Jack Sidders, BloombergMr. Sidders may be followed on Twitter @jacksidders
Developer Boymelgreen Forced to Hand Over Financial Records for 15 Broad Street
September 24, 2014 —
Beverley BevenFlorez-CDJ STAFFThe Manhattan Supreme Court “denied a last-ditch effort by Jeshayahu Boymelgreen to avoid handing over financial records as part of a state investigation into the development of 15 Broad Street in the Financial District,” according to The Real Deal. Attorney General Eric Schneiderman had ordered Boymelgreen to turn over the records. Futhermore, according to court records (as reported in The Real Deal), “the developer was also seeking to reduce the amount of money required to fund a $470,000 escrow account to make repairs at the condo — known as Downtown by Starck — which Boymelgreen jointly developed with Africa Israel.”
“We’re glad to see that the courts are rejecting Boymelgreen’s arguments why he shouldn’t be required to maintain an escrow account as security for the sponsor to obtain a permanent certificate of occupancy for 15 Broad, as was set forth in the very offering he participated in with Africa Israel,” Steven Sladkus, attorney for unit owners at the condo, stated. “Accountability is one step closer to the light at the end of the tunnel.”
Brian Itzkowitz, an attorney representing Boymelgreen, did not return The Real Deal’s calls or emails.
Read the court decisionRead the full story...Reprinted courtesy of
