The U.S. Securities and Exchange Commission (SEC) released two publications related to cybersecurity on February 3, 2015.
The first publication is a Risk Alert from the SEC’s Office of Compliance Inspections and Examinations and provides observations from the office’s examination of over 100 broker-dealers and investment advisers related to cybersecurity. These observations include how broker-dealers and advisers manage information security policies, what the policies address, and how they are utilizing external standards such as those published by the National Institute of Standards and Technology (NIST) or the International Organization for Standardization (ISO) to address cybersecurity risks. Broker-dealers and investment advisers can use the Risk Alert to benchmark their own cybersecurity program and identify gaps in managing the protection of sensitive information.
The second publication is an investor bulletin regarding best practices for investors to manage their own line brokerage accounts. These best practices include utilizing strong passwords, two-step authentication, avoiding the use of public computers when accessing online brokerage accounts, and securing mobile devices used to access brokerage accounts.
Links to both publications and the SEC’s press release are available here.
If you would like more information on these topics please contact:
Michael D. Stovsky at mstovsky@beneschlaw.com or 216.363.4626
Or any attorney from our Innovations, Information Technology & Intellectual Property (3iP) Practice Group.