At the recent SEC Speaks Conference in Washington D.C., Christopher Hetner, the Senior Advisor to the Chair for Cybersecurity Policy at the SEC's Office of Compliance Inspections and Examinations, emphasized the impending risks cyber-attacks pose to the financial markets.
As a result, SEC examiners will be conducting targeted examinations of certain registered entities to assess their cybersecurity related governance and risk management processes, their existing cybersecurity procedures and controls, and the measures taken to test and implement these procedures and controls.
The development and implementation of cybersecurity policies and procedures customized to the size, strategy, and risk to your business is an important area of focus for the SEC. Duff & Phelps can provide expertise and offers a wide variety of services to assist in the creation of a cybersecurity program unique to your business.
As Jason Elmer writes in the Global Regulatory Outlook 2017, "Regulated businesses must have an information systems security program appropriate for their circumstances, even if there is flexibility in determining what that is."