News

Melinda McLellan, Jonathan Forman Comment on Financial Adviser Cybersecurity Requirements Proposed in Colorado

News / April 28, 2017

Partner Melinda McLellan and Counsel Jonathan Forman are quoted in an article published April 28, 2017, in Bloomberg BNA’s “Privacy & Data Security Law” newsletter. The article, “Colorado Moving to Set Financial Adviser Cybersecurity Rule,” discusses a proposed Colorado rule that would require entities with state securities licenses to conduct an annual assessment of their cybersecurity risks.

McLellan told Bloomberg that it’s possible other states will follow Colorado's lead. “To the extent certain state governments may have concerns about lax regulatory oversight by the feds, we could see an increased appetite for taking on cybersecurity enforcement at the state level,” she said.

In his comments, Forman said that although the details need to be worked out, Colorado's rule isn't unreasonable. “The proposed rule is a recognition that cybersecurity compliance is now a cost of doing business,” he said. “Luckily, while the proposed rule is prescriptive, it allows advisers and broker-dealers to tailor their compliance programs to address their cybersecurity risk profiles.”

Read the article (registration required).

Related Services

Blog

In The Blogs

Previous Next
Data Privacy Monitor
New Mexico Attorney General Is Turning Up the Heat on Enforcement of Data Privacy Laws
September 18, 2018
With the announcement last week of its new lawsuit against several tech companies for violating Children’s Online Privacy Protection Act (“COPPA”), the FTC Act, and New Mexico’s Unfair Practices Act (“UPA”), the State of New Mexico Office...
Read More ->
Data Privacy Monitor
Is a New Federal Data Privacy Law on the Horizon? The Tech Industry Sure Hopes So
September 17, 2018
Despite several failed attempts in recent years, there is a new effort underway to enact a federal data privacy law, and it’s being led by a somewhat unlikely source – the tech industry. Although they were resistant to a federal privacy...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
September 10, 2018
Class Actions Hotel Investment and Management Firm Aimbridge Hospitality LLC Removes Putative Class Action to Federal Court • Hospitality company Aimbridge Hospitality LLC (Aimbridge) removed a putative class action lawsuit by a former...
Read More ->
Data Privacy Monitor
California Amends Landmark Privacy Law Delaying Enforcement and Making Revisions
By Alan L. Friel, Niloufar Massachi
September 5, 2018
With only hours left to the 2018 legislative session, the California Legislature has amended the California Consumer Privacy Act of 2018 (CCPA) by passing SB-1121. The legislature was expected to amend the CCPA, which passed in just about...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
September 5, 2018
Class Actions San Francisco Transit Agency Seeks Approval of Class Action Settlement • Bay Area Rapid Transit (BART) sought preliminary approval of a class action settlement to resolve claims that the transit agency’s mobile app secretly...
Read More ->