Skip to content

SEC Published Cybersecurity and Operational Resiliency Best Practices

On January 27, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued various examination observations. These examinations are related to operational resiliency and cybersecurity practices taken by the market participants.

OCIE highlighted various approaches taken by organizations in the area of vendor management, data loss prevention, governance and risk management, mobile security, access rights and controls, training and awareness, as well as incident response and resiliency.

The latest observation focuses on particular examples of operational resiliency and cybersecurity practices and control. These are the measures that organizations have taken aiming to safeguard against various threats and respond when incidents arise. SEC Chairman Jay Clayton said:

“Data systems are critical to the functioning of our markets and cybersecurity and resiliency are at the core of OCIE’s inspection efforts. I commend OCIE for compiling and sharing these observations with the industry and the public.”

Clayton encouraged market participants to incorporate the information into their cybersecurity assessments. OCIE observed several practices used in the management and combating of cyber risk using risk-targeted examinations in each of the five examination program areas. According to Peter Driscoll, Director of OCIE, these practices are also used to build operational resiliency.

Suggestions

OCIE felt it was important to share their findings to enable organizations to have an opportunity to reflect on their in-house cybersecurity practices. OCIE is tasked with examining all SEC-registered investment companies, clearing agencies, investment advisers, transfer agents, self-regulatory organizations, broker-dealers and many others.

It implements its risk-based approach to examinations enabling it to fulfill its mission of enhancing compliance using US securities laws. OCIE also uses the same approach to monitor risk, prevent fraud, and inform SEC policy.

By sharing these observations, the Commission encourages market participants to review their policies, practices and procedures. Assessing preparedness levels and implementing the proposed measures makes an organization more secure. Market participants should also engage in law enforcement and regulators actively in these strategies.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account?

Services

IMPORTANT NOTICE

Finbold is a news and information website. This Site may contain sponsored content, advertisements, and third-party materials, for which Finbold expressly disclaims any liability.

RISK WARNING: Cryptocurrencies are high-risk investments and you should not expect to be protected if something goes wrong. Don’t invest unless you’re prepared to lose all the money you invest. (Click here to learn more about cryptocurrency risks.)

By accessing this Site, you acknowledge that you understand these risks and that Finbold bears no responsibility for any losses, damages, or consequences resulting from your use of the Site or reliance on its content. Click here to learn more.