InfoBytes Blog
SEC Announces Cybersecurity Examination Initiative
On April 15, the SEC’s Office of Compliance Inspections and Examinations announced that it will be conducting cybersecurity examinations of more than 50 registered broker-dealers and registered investment advisers. The examinations will assess each firm’s cybersecurity preparedness and collect information about the industry’s recent experiences with certain types of cyber threats. Specifically, examiners will focus on (i) cybersecurity governance; (ii) identification and assessment of cybersecurity risks; (iii) protection of networks and information; (iv) risks associated with remote customer access and funds transfer requests; (v) risks associated with vendors and other third parties; (vi) detection of unauthorized activity; and (vii) and experiences with certain cybersecurity threats. The SEC included with the announcement a sample document and information request it plans to use in this examination initiative.