Latest posts

Guide to Performing a Cybersecurity Risk and Threat Assessment using Shodan.



Introduction to the Risk and Threat Assessment.

Most SEC-registered firms believe they have a clear understanding of which systems are exposed to the public internet. In reality, many firms do…

New Guide Posted: How to Execute the Cybersecurity Policies & Procedures Manual

I’ve posted a new document to The BrainTrust repository:


“An Overview and Introduction to the MTradecraft Cybersecurity Policies & Procedures Manual.” 


This guide is the execution-layer companion to the…

How A Spy Would Conduct a Vendor Due Diligence Analysis for an SEC Registered Firm


Leveraging Open Source Intelligence (OSINT) to Fortify RIA Vendor Oversight:

In the intelligence world, you never rely solely on what a subject tells you.

You validate the story through…

The Future of RIA Operations, IT Infrastructure, and Security...my $0.02.

Over the past year or two-ish, a powerful convergence of forces has quietly — but decisively — reshaped the risk landscape for every RIA and financial institution.

This shift is…

New Cybersecurity Policies & Procedures Template Released — Fully Updated for the 2024 Regulation S-P Amendments

A newly revised Cybersecurity Policies & Procedures Template is now available to all members. This update incorporates the 2024 amendments to Regulation S-P (effective August 2, 2024) and aligns the…

The New SEC Regulation S-P Amendments: What Every RIA Needs to Know


Effective Date: August 2, 2024

Compliance Deadline for Smaller Firms: June 2026

Regulation Applies To: SEC-registered Investment Advisers, Broker-Dealers, Investment Companies, and Transfer Agents

The Full SEC…

Mastering the Cybersecurity Policies and Procedures Manual




This video walks through how we build a cybersecurity Policies & Procedures Manual that not only satisfies today’s regulatory requirements but also anticipates what’s coming next.

Although Rule 206(4)-9 was…

New Compliance Template Available: The Vendor Due Diligence Questionnaire

We’ve added a new Vendor Due Diligence & Risk Assessment Questionnaire to help you streamline one of the most critical parts of your cybersecurity compliance program — assessing the firms…

The SEC RIA Incident Response Plan



New Resource Added: The SEC-Compliant Incident Response Plan Template

We’ve just added a major new resource to your member library — the MTradecraft Incident Response Plan (IRP) Template.

This…

The Unseen Risk of a Stolen iPhone to your Firm's Network

The Single Point of Failure: How a Stolen iPhone Can Unravel Corporate Security

This is information very few want to talk about.

In today's interconnected world, where corporate data is…

Why Email Is Still Broken — and What You Can Do About It

You can use the free MX Toolbox Supertool to check your email records and compare your settings to the recommendations below:

[hidden link]

So what is broken?

Email has been around…