FINRA Report on Cybersecurity Practices (2015)

FinraFeb2015

On February 4, 2015, FINRA published its report on cybersecurity practices arising out of its 2014 targeted examination of firms’ cybersecurity preparedness.  The Report reflects FINRA’s risk management-based approach to cybersecurity issues, identifying principles and “effective practices” for member firms to consider, as opposed to decreeing specific requirements, policies or procedures. FINRA characterizes its intent in preparing the Report as an attempt to focus firms on a “risk management-based approach to cybersecurity” that can be tailored to each firm’s particular circumstances. . .

 

SEC Issues Cybersecurity Exam Observations (2015)

SECCyber

On February 3, 2015, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert summarizing its findings following examination of the preparedness of 57 broker-dealers and 49 investment advisory firms to address legal, regulatory and compliance challenges related to cybersecurity. These examinations grew out of the SEC’s Cybersecurity Examination Initiative which began last year . . .