August 23, 2017- Cyber Security Alert

On August 7, 2017, The U.S. Securities Exchange Commission issued observations based on OCIE’s Cybersecurity 2 Initiative that examined 75 different registered entities, including broker-dealers investment advisers, and others. The SEC examination focused on firms written policies and procedures regarding cybersecurity. The Commission sought to understand firm’s preparedness in: (1) governance and risk assessment, (2) access rights and controls, (3) data loss protection, (4) vender management, (5) training, and (6) incident respond.

The Commission found an overall improvement in firm awareness of cybersecurity risks and implementation of procedures to address such risks, as follows:

However, the Commission observed a number of issues firms should address in order to assess and improve their policies, procedures and practices such as:

Firms should be aware of the information provided by the SEC on this topic when developing cyber security policies and procedures. Creating effective policies and procedures will alleviate future issues with the SEC and FINRA.

Should you have any questions about this Alert or other compliance or regulatory matters, you may contact the author.

DOWNLOAD Cyber Security Alert – August 2017

Leave a Reply

Your email address will not be published. Required fields are marked *