FINRA, SEC’s Secret Weapon Against Cyberattackers, Investment Advisor, by Brendan McGarry
Brendan P. McGarry of Kaufman Dolowich & Voluck in Chicago writes about the ongoing fight to protect client information from cyberattacks and that one rule has emerged as regulators’ go-to in enforcements against firms. This will be published in the April issue of Investment Advisor.
FINRA and the Securities and Exchange Commission continue their concerted efforts to ensure financial firms’ compliance with cybersecurity regulations. Both regulators have indicated that one of their primary concerns for the coming year is cybersecurity. In particular, FINRA intends to review firms’ approaches to cybersecurity risk management, examining one or more of the following topics: governance, risk assessment, technical controls, incident response, vendor management, data loss prevention and staff training. In addition, FINRA will continue to examine firms’ ability to protect confidential client information, including compliance with SEC Regulation S-P. FINRA has continued its efforts to enforce cybersecurity requirements and will almost certainly increase efforts to hold firms accountable for violations in this regard moving forward.