Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comAuthor: Scarinci Hollenbeck, LLC|May 14, 2015
Financial firms are attractive targets for cyberattacks, given that they possess valuable financial assets and client data. In fact, one recent report recently dubbed them “candy stores” for hackers.
While cybersecurity is considered a top threat, regulators continue to express concern that many registered advisers are not yet adequately prepared. Late last month, the Securities and Exchange Commission (SEC) published revised cybersecurity guidance, which reflects the rapidly changing nature of cyber threats.
The SEC’s latest recommendations reflect discussions concerning cybersecurity with fund boards and senior management and advisers during the course of the Division of Investment Management’s senior level engagement and monitoring efforts as well as feedback from the Office of Compliance Inspections and Examinations’ review of adviser cybersecurity practices.
According to the SEC, advisers should identify their respective compliance obligations under the federal securities laws and take into account these obligations when assessing their ability to prevent, detect and respond to cyber attacks. It further suggests that advisers and funds consider the following measures when addressing cybersecurity risk:
The SEC guidance notes that advisers should tailor their compliance programs based on the nature and scope of their businesses. It further emphasizes that because funds and advisers rely on a number of service providers in carrying out their operations, they should also determine whether these third parties also have appropriate cybersecurity measures in place.
The Firm
201-896-4100 info@sh-law.comFinancial firms are attractive targets for cyberattacks, given that they possess valuable financial assets and client data. In fact, one recent report recently dubbed them “candy stores” for hackers.
While cybersecurity is considered a top threat, regulators continue to express concern that many registered advisers are not yet adequately prepared. Late last month, the Securities and Exchange Commission (SEC) published revised cybersecurity guidance, which reflects the rapidly changing nature of cyber threats.
The SEC’s latest recommendations reflect discussions concerning cybersecurity with fund boards and senior management and advisers during the course of the Division of Investment Management’s senior level engagement and monitoring efforts as well as feedback from the Office of Compliance Inspections and Examinations’ review of adviser cybersecurity practices.
According to the SEC, advisers should identify their respective compliance obligations under the federal securities laws and take into account these obligations when assessing their ability to prevent, detect and respond to cyber attacks. It further suggests that advisers and funds consider the following measures when addressing cybersecurity risk:
The SEC guidance notes that advisers should tailor their compliance programs based on the nature and scope of their businesses. It further emphasizes that because funds and advisers rely on a number of service providers in carrying out their operations, they should also determine whether these third parties also have appropriate cybersecurity measures in place.
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.