Photo of Paul Ferrillo

Paul Ferrillo focuses his practice on cybersecurity corporate governance issues, complex securities and business litigation, and internal investigations. He assists clients with governance, disclosure, and regulatory matters relating to their cybersecurity postures and the regulatory requirements which govern them.

Nearly every day we learn of another company leaving tens or hundreds of millions of pieces of data or personally identifiable information on an unsecured database for anyone to see (or steal). It is no wonder, then, that the SEC’s office of Compliance Inspections and Examinations (OCIE) has issued a Risk Alert on the importance

In March 2019 the SEC Office of Compliance, Inspections and Examinations (OCIE) announced it would soon commence its annual “Cybersecurity Sweep” (Cyber Sweep) of registered investment advisers and broker-dealers. If these entities were not already focused on cybersecurity, OCIE’s announcement should assure registrants that cybersecurity is not a single frame of a movie, but a