Demonstrative of its continuing focus on cybersecurity risk management, the Securities and Exchange Commission (SEC) issued yet another Risk Alert addressing a specific strain of cybersecurity threats: ransomware attacks. Following the Wannacry epidemic that occurred on May 12th, which is being reported as the largest ransomware attack in history, the SEC swiftly stepped in providing guidance to investment advisers, investment companies and broker-dealers (collectively, “Investment Firms”) on how to address this specific threat.
Photo Credit: © panandrii - stock.adobe.com
Some of the salient points from this latest Risk Alert and our observations:
We believe the takeaway here is that the SEC continues to aggressively pursue cybersecurity as a top priority and that its Cybersecurity Sweeps are continuing. Compliance expectations surrounding cybersecurity are increasing and the SEC will be looking for evidence of a customized, periodically assessed and regularly-tested Cybersecurity Program that includes elements of technology, governance and training. Moreover, smaller Investment Firms are not immune and remain in the crosshairs of the SEC Cybersecurity Sweeps.
Align Cybersecurity™ – Your Trusted Advisor
Clearly, cybersecurity risk management (or, as the SEC refers to it “cybersecurity preparedness”) is a significant part of the current regulatory regime applicable to Investment Firms. Align Cybersecurity has assembled an elite team of legal, IT, compliance, security and technology specialists, providing Cybersecurity Advisory Services catered to Investment Firms. The practice leaders of Align Cybersecurity include a practicing investment management attorney and a well-known IT expert and technologist, both of whom have been working with fund managers for over 30 years in the aggregate.
Align Cybersecurity works in conjunction with esteemed partners to provide a full spectrum of Cybersecurity Advisory Services to its clients, encompassing hands-on guidance, advice and counsel in assessing their cybersecurity disposition, designing and implementing an appropriate and cost-effective Cybersecurity Program for firms and managers of all sizes and levels of sophistication, whether start-up funds, emerging managers or larger and more sophisticated advisors and funds. The overall objective is to design a cost-effective and unimpeachable Cybersecurity Program that will meet regulatory requirements, educate and train employees, and satisfy investor expectations. For more information, visit: www.aligncybersecurity.com