The Federal Trade Commission updated its “Standards for Safeguarding Customer Information” (“Safeguards Rule”) and extended the compliance deadline to June 9, 2023. Some entities still may be wondering – “Do these regulations apply to my business?” and “What do I have to do?”

The Securities and Exchange Commission warned broker-dealers and advisors Wednesday about the importance of having written policies and procedures for safeguarding client records and information at branch offices, since some firms have experienced cybersecurity and data breaches.

Last month, the SEC took a big step toward strengthening the cybersecurity of financial systems by proposing regulations that, taken together, will require registered investments advisers, broker‑dealers, and all national securities exchanges, among others, to implement additional measures to protect their systems.[1] Since these are proposed rules, there is time for affected companies to comment on them and prepare for their requirements.

On March 15, 2023 the Securities and Exchange Commission (“SEC”) proposed three new sets of rules (the “Proposed Rules”) which, if adopted, would require a variety of companies to beef up their cybersecurity policies and data breach notification procedures. As characterized by SEC Chair Gary Gensler, the Proposed Rules aim to promote “cyber resiliency” in furtherance of the SEC’s “responsibility to help protect for financial stability.”[1]

Are you the type of business owner who forgets about ex-employees as soon as they’re gone? Failing to remove former employees’ access to your systems and data could lead to security breaches. Don’t let poor off-boarding practices be the weak link in your cybersecurity chain.

The Securities and Exchange Commission is reopening the public comment period for its proposed rule on cybersecurity after it was initially released last year.

Advisor Armor named #1 Cybersecurity Compliance Software by T3 Investment Advisor Survey

The Securities and Exchange Commission plans to “significantly” increase onsite exams of advisors within the next six months, Natasha Greiner, deputy director of the SEC’s Division of Examinations, said Thursday.

In 2022, the SEC examined approximately 15% of RIAs.

“In the age of telework, your home network can be used as an access point for nation-state actors and cybercriminals to steal sensitive information,” said Neal Ziring, NSA Cybersecurity Technical Director. “We can minimize this risk by securing our devices and networks, and through safe online behavior.”

As the SEC staff picks up the pace of cyber investigations, Chair Gensler continues the push to beef up the Enforcement Division’s already meaty toolkit.