Last month, the SEC took a big step toward strengthening the cybersecurity of financial systems by proposing regulations that, taken together, will require registered investments advisers, broker‑dealers, and all national securities exchanges, among others, to implement additional measures to protect their systems.[1] Since these are proposed rules, there is time for affected companies to comment on them and prepare for their requirements.

On March 15, 2023 the Securities and Exchange Commission (“SEC”) proposed three new sets of rules (the “Proposed Rules”) which, if adopted, would require a variety of companies to beef up their cybersecurity policies and data breach notification procedures. As characterized by SEC Chair Gary Gensler, the Proposed Rules aim to promote “cyber resiliency” in furtherance of the SEC’s “responsibility to help protect for financial stability.”[1]

Are you the type of business owner who forgets about ex-employees as soon as they’re gone? Failing to remove former employees’ access to your systems and data could lead to security breaches. Don’t let poor off-boarding practices be the weak link in your cybersecurity chain.

The Securities and Exchange Commission is reopening the public comment period for its proposed rule on cybersecurity after it was initially released last year.

Advisor Armor named #1 Cybersecurity Compliance Software by T3 Investment Advisor Survey

The Securities and Exchange Commission plans to “significantly” increase onsite exams of advisors within the next six months, Natasha Greiner, deputy director of the SEC’s Division of Examinations, said Thursday.

In 2022, the SEC examined approximately 15% of RIAs.

“In the age of telework, your home network can be used as an access point for nation-state actors and cybercriminals to steal sensitive information,” said Neal Ziring, NSA Cybersecurity Technical Director. “We can minimize this risk by securing our devices and networks, and through safe online behavior.”

As the SEC staff picks up the pace of cyber investigations, Chair Gensler continues the push to beef up the Enforcement Division’s already meaty toolkit.

Cybercriminals are co-opting the identities of legitimate US financial advisers to use them as fodder for relationship scams (aka "pig butchering"), which end with the theft of investments.

You may not have thought about working from home before the pandemic hit. In fact, 47% of people in the United States said they never worked remotely before COVID-19, and only 17% did so five days a week. But now, 44% of the same population work from home throughout the week. While this flexibility likely eases the strain on them, their employers must have an even greater focus on cybersecurity.

How can IT teams and cybersecurity professionals uphold the digital safety of multiple remote workers? Read on for the specific difficulties of incident response at a distance and strategies for managing them.